CVEブラウザに戻る

CVE-2011-2462

Known Exploited (CISA KEV)CRITICAL

9.8

CVSS Severity Score

EPSS Score84.8070%

EPSS Percentile98.24th

Published2011年12月7日

Last Modified2026年4月21日

Vulnerability Description

Unspecified vulnerability in the U3D component in Adobe Reader and Acrobat 10.1.1 and earlier on Windows and Mac OS X, and Adobe Reader 9.x through 9.4.6 on UNIX, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, as exploited in the wild in December 2011.

Affected Platforms (CPE)

📦

Adobe

Acrobat

<= 10.1.1

📦

Adobe

Acrobat Reader

<= 10.1.1

📦

Adobe

Acrobat Reader

>= 9.0 and <= 9.4.6

References & Advisories

🔗 http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00019.html

🔗 http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00020.html

🔗 http://www.adobe.com/support/security/advisories/apsa11-04.html

🔗 http://www.adobe.com/support/security/bulletins/apsb11-30.html

🔗 http://www.adobe.com/support/security/bulletins/apsb12-01.html

🔗 http://www.redhat.com/support/errata/RHSA-2012-0011.html

🔗 http://www.us-cert.gov/cas/techalerts/TA11-350A.html

🔗 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14562

関連する脆弱性情報

CVE-2004-063110.0

Buffer overflow in the uudecoding feature for Adobe Acrobat Reader 5.0.5 and 5.0.6 for Unix and Linux, and possibly other versions...

CVE-2004-115210.0

Buffer overflow in the mailListIsPdf function in Adobe Acrobat Reader 5.09 for Unix allows remote attackers to execute arbitrary c...

CVE-2004-063010.0

The uudecoding feature in Adobe Acrobat Reader 5.0.5 and 5.0.6 for Unix and Linux, and possibly other versions including those bef...

CVE-2004-115310.0

Format string vulnerability in Adobe Acrobat Reader 6.0.0 through 6.0.2 allows remote attackers to cause a denial of service (appl...