CVE-2011-2462
KEV
🔴 Łataj teraz
Nieokreślona podatność w Adobe Reader umożliwia zdalne wykonanie kodu lub awarię usługi.
CVSS
9.8
EPSS
91.8%
Exploit
weaponized
Vendor
adobe
Opis źródłowy (NVD)
Unspecified vulnerability in the U3D component in Adobe Reader and Acrobat 10.1.1 and earlier on Windows and Mac OS X, and Adobe Reader 9.x through 9.4.6 on UNIX, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, as exploited in the wild in December 2011.
dos
Brak patcha
Źródła i daty
| Źródło | Wartość |
|---|---|
| NVD – CVSS | 9.8 |
| CISA KEV (aktywnie wykorzystywane) | Tak |
| FIRST EPSS (prawdopodobieństwo exploita) | 91.8% |
| Opublikowano (NVD) | 2011-12-07 19:55:01 UTC |
| Ostatnia modyfikacja (NVD) | 2026-04-21 21:13:14 UTC |
Referencje
- http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00019.html (psirt@adobe.com) [Broken Link]
- http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00020.html (psirt@adobe.com) [Broken Link]
- http://www.adobe.com/support/security/advisories/apsa11-04.html (psirt@adobe.com) [Vendor Advisory]
- http://www.adobe.com/support/security/bulletins/apsb11-30.html (psirt@adobe.com) [Not Applicable]
- http://www.adobe.com/support/security/bulletins/apsb12-01.html (psirt@adobe.com) [Not Applicable]
- http://www.redhat.com/support/errata/RHSA-2012-0011.html (psirt@adobe.com) [Broken Link]
- http://www.us-cert.gov/cas/techalerts/TA11-350A.html (psirt@adobe.com) [Third Party Advisory, US Government Resource]
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14562 (psirt@adobe.com) [Broken Link]
- https://github.com/cisagov/vulnrichment/issues/199 (134c704f-9b21-4f2e-91b3-4a467353bcc0) [Issue Tracking]
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2011-2462 (134c704f-9b21-4f2e-91b3-4a467353bcc0) [US Government Resource]