Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2009-2993

Опубликовано: 19 окт. 2009
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 9.3

Описание

The JavaScript for Acrobat API in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 does not properly implement the (1) Privileged Context and (2) Safe Path restrictions for unspecified JavaScript methods, which allows remote attackers to create arbitrary files, and possibly execute arbitrary code, via the cPath parameter in a crafted PDF file. NOTE: some of these details are obtained from third party information.

РелизСтатусПримечание
dapper

ignored

devel

released

9.3.2-lucid1
hardy

released

9.2-1
intrepid

released

9.2-1intrepid2
jaunty

released

9.2-1jaunty1
karmic

released

9.2-1karmic1
upstream

released

9.2

Показывать по

Ссылки на источники

EPSS

Процентиль: 92%
0.09132
Низкий

9.3 Critical

CVSS2

Связанные уязвимости

redhat логотип

CVE-2009-2993

redhat
около 16 лет назад

The JavaScript for Acrobat API in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 does not properly implement the (1) Privileged Context and (2) Safe Path restrictions for unspecified JavaScript methods, which allows remote attackers to create arbitrary files, and possibly execute arbitrary code, via the cPath parameter in a crafted PDF file. NOTE: some of these details are obtained from third party information.

nvd логотип

CVE-2009-2993

nvd
около 16 лет назад

The JavaScript for Acrobat API in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 does not properly implement the (1) Privileged Context and (2) Safe Path restrictions for unspecified JavaScript methods, which allows remote attackers to create arbitrary files, and possibly execute arbitrary code, via the cPath parameter in a crafted PDF file. NOTE: some of these details are obtained from third party information.

github логотип

GHSA-q9x2-fv97-cmpm

github
больше 3 лет назад

The JavaScript for Acrobat API in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 does not properly implement the (1) Privileged Context and (2) Safe Path restrictions for unspecified JavaScript methods, which allows remote attackers to create arbitrary files, and possibly execute arbitrary code, via the cPath parameter in a crafted PDF file. NOTE: some of these details are obtained from third party information.

EPSS

Процентиль: 92%
0.09132
Низкий

9.3 Critical

CVSS2