CyberSec.Space Logo
Back to CVE Browser

CVE-2013-0641

Known Exploited (CISA KEV)HIGH
7.8
CVSS Severity Score
EPSS Score53.8320%
EPSS Percentile95.98th
PublishedFeb 14, 2013
Last ModifiedApr 21, 2026

Vulnerability Description

Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.4, 10.x before 10.1.6, and 11.x before 11.0.02 allows remote attackers to execute arbitrary code via a crafted PDF document, as exploited in the wild in February 2013.

Affected Platforms (CPE)

πŸ“¦
Adobe

Acrobat

>= 9.0 and < 9.5.4
πŸ“¦
Adobe

Acrobat

>= 10.0 and < 10.1.6
πŸ“¦
Adobe

Acrobat

>= 11.0 and < 11.0.02
πŸ“¦
Adobe

Acrobat Reader

>= 10.0 and < 10.1.6
πŸ“¦
Adobe

Acrobat Reader

>= 11.0 and < 11.0.02
πŸ“¦
Adobe

Acrobat Reader

>= 9.0 and < 9.5.4
πŸ’»
Redhat

Enterprise Linux Desktop

= 6.0
πŸ’»
Redhat

Enterprise Linux Eus

= 5.9
πŸ’»
Redhat

Enterprise Linux Eus

= 6.4
πŸ’»
Redhat

Enterprise Linux Server

= 6.0
πŸ’»
Redhat

Enterprise Linux Server Aus

= 5.9
πŸ’»
Redhat

Enterprise Linux Server Aus

= 6.4
πŸ’»
Redhat

Enterprise Linux Workstation

= 6.0
πŸ’»
Opensuse

Opensuse

= 11.4
πŸ’»
Opensuse

Opensuse

= 12.1
πŸ’»
Suse

Linux Enterprise Desktop

= 10
πŸ’»
Suse

Linux Enterprise Desktop

= 11

References & Advisories

πŸ”— http://blog.fireeye.com/research/2013/02/in-turn-its-pdf-time.html
πŸ”— http://blogs.adobe.com/psirt/2013/02/adobe-reader-and-acrobat-vulnerability-report.html
πŸ”— http://blogs.mcafee.com/mcafee-labs/digging-into-the-sandbox-escape-technique-of-the-recent-pdf-exploit
πŸ”— http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00021.html
πŸ”— http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00023.html
πŸ”— http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00024.html
πŸ”— http://rhn.redhat.com/errata/RHSA-2013-0551.html
πŸ”— http://security.gentoo.org/glsa/glsa-201308-03.xml

Related Vulnerabilities

CVE-2004-063110.0

Buffer overflow in the uudecoding feature for Adobe Acrobat Reader 5.0.5 and 5.0.6 for Unix and Linux, and possibly other versions...

CVE-2004-115210.0

Buffer overflow in the mailListIsPdf function in Adobe Acrobat Reader 5.09 for Unix allows remote attackers to execute arbitrary c...

CVE-2004-063010.0

The uudecoding feature in Adobe Acrobat Reader 5.0.5 and 5.0.6 for Unix and Linux, and possibly other versions including those bef...

CVE-2004-115310.0

Format string vulnerability in Adobe Acrobat Reader 6.0.0 through 6.0.2 allows remote attackers to cause a denial of service (appl...