Exploit for #VU2659 Improper Validation of Array Index in Adobe Reader and Adobe Acrobat

Cybersecurity Help s.r.o.

Published: 2020-03-18

Vulnerability identifier: #VU2659

Vulnerability risk: High

CVSSv4.0: 8.4 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Amber]

CVE-ID: CVE-2009-2990

CWE-ID: CWE-129

Exploitation vector: Network

Exploits in database: 3

March 18, 2020
- Adobe - U3D CLODProgressiveMeshDeclaration Array Overrun (Metasploit) (1) [Exploit-DB]
- Adobe Reader and Acrobat - '.U3D' File Invalid Array Index Remote [Exploit-DB]
- Adobe U3D CLODProgressiveMeshDeclaration Array Overrun [Metasploit]

Vulnerable software:
Adobe Reader
Client/Desktop applications / Office applications
Adobe Acrobat
Client/Desktop applications / Office applications

Vendor: Adobe