CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
99.9%
Added: 02/27/2009
CVE: CVE-2009-0658
BID: 33751
OSVDB: 52073
Adobe Acrobat is software for creating PDF documents. Adobe Reader is free software for viewing PDF documents.
A buffer overflow vulnerability allows command execution when a user opens a PDF file containing a specially crafted JBIG2 image stream.
Apply the update referenced in APSA 09-01 when available.
http://www.us-cert.gov/cas/techalerts/TA09-051A.html
Exploit works on Adobe Reader 8.1.2 and requires a user to open the exploit PDF file in Adobe Reader.
Due to the nature of the vulnerability, the success of this exploit depends on the state of the target system.
Windows 2000
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
99.9%