CVE-2013-2729

CVE Database · CVE-2013-2729

CVE-2013-2729

· CRITICALAnalyzed

CVSS v3.1

9.8

EPSS

66.55%

Published

May 16, 2013

Modified

Apr 22, 2026

CISA Known Exploited Vulnerability

Added: 2022-03-28 · Due: 2022-04-18

Apply updates per vendor instructions.

Public PoC / Exploit (3)

All weaponized →

Exploit-DBAdobe Reader X 10.1.4.38 - '.BMP'/'.RLE' Heap Corruption TrickestTrickest PoC index GitHub PoCfeliam/CVE-2013-2729★24

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Integer overflow in Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-2727.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Weaknesses (CWE)

CWE-190CWE-190

Affected Products (15)

adobe · acrobat (up to 9.5.5)vulnerable

adobe · acrobat (up to 10.1.7)vulnerable

adobe · acrobat (up to 11.0.03)vulnerable

adobe · acrobat_reader (up to 9.5.5)vulnerable

adobe · acrobat_reader (up to 10.1.7)vulnerable

adobe · acrobat_reader (up to 11.0.03)vulnerable

suse · linux_enterprise_desktopvulnerable

redhat · enterprise_linux_desktopvulnerable

References (12)

http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00004.html

Mailing ListThird Party Advisory

http://rhn.redhat.com/errata/RHSA-2013-0826.html

Third Party Advisory

http://security.gentoo.org/glsa/glsa-201308-03.xml

Third Party Advisory

http://www.adobe.com/support/security/bulletins/apsb13-15.html

Not ApplicablePatchVendor Advisory

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16717

Broken Link

http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00004.html

KEV Catalog EPSS Scores Vendors All CVEs