CVE-2013-3346

CVE Database · CVE-2013-3346

CVE-2013-3346

· CRITICALAnalyzed

CVSS v3.1

9.8

EPSS

78.58%

Published

Aug 30, 2013

Modified

Apr 21, 2026

CISA Known Exploited Vulnerability

Added: 2022-03-03 · Due: 2022-03-24

Apply updates per vendor instructions.

Public PoC / Exploit (2)

All weaponized →

Exploit-DBAdobe Reader ToolButton - Use-After-Free (Metasploit)TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2718, CVE-2013-2719, CVE-2013-2720, CVE-2013-2721, CVE-2013-2722, CVE-2013-2723, CVE-2013-2725, CVE-2013-2726, CVE-2013-2731, CVE-2013-2732, CVE-2013-2734, CVE-2013-2735, CVE-2013-2736, CVE-2013-3337, CVE-2013-3338, CVE-2013-3339, CVE-2013-3340, and CVE-2013-3341.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Weaknesses (CWE)

CWE-787CWE-787

Affected Products (6)

adobe · acrobat (up to 9.5.5)vulnerable

adobe · acrobat (up to 10.1.7)vulnerable

adobe · acrobat (up to 11.0.03)vulnerable

adobe · acrobat_reader (up to 9.5.5)vulnerable

adobe · acrobat_reader (up to 10.1.7)vulnerable

adobe · acrobat_reader (up to 11.0.03)vulnerable

References (6)