CVE-2009-3953

CVSS 8.8 HIGH · EPSS 83.6% · KEV · CWE-787
In short

Adobe Reader and Acrobat have a flaw in how they handle 3D graphics (U3D format) inside PDF files. An attacker can craft a malicious PDF that crashes the software or runs harmful code when opened.

Technical detail

A buffer overflow vulnerability exists in the U3D mesh decoder (CLODProgressiveMeshDeclaration) affecting Adobe Reader/Acrobat 9.x, 8.x, and 7.x on Windows and Mac OS X. The attack vector is remote, via specially crafted U3D data embedded in a PDF document; no user interaction beyond opening the PDF is required. Successful exploitation results in arbitrary code execution with the user's privileges.

Summary generated and translated by AI from the official description.
The U3D implementation in Adobe Reader and Acrobat 9.x before 9.3, 8.x before 8.2 on Windows and Mac OS X, and 7.x before 7.1.4 allows remote attackers to execute arbitrary code via malformed U3D data in a PDF document, related to a CLODProgressiveMeshDeclaration "array boundary issue," a different vulnerability than CVE-2009-2994.
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected products
n/a · n/a