Back
CVE-2013-2729
CRITICAL
CISA KEV
Integer overflow in Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-2727.
Published: May 16, 2013
Modified: Apr 22, 2026
CWE-190
CWE-190
CVSS Metrics
CVSSv3
Attack Vector:
NETWORK
Attack Complexity:
LOW
Privileges Required:
NONE
User Interaction:
NONE
Scope:
UNCHANGED
Confidentiality Impact:
HIGH
Integrity Impact:
HIGH
Availability Impact:
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products (15)
| Vendor | Product | Version |
|---|---|---|
| adobe | acrobat | * ≥ 9.0 < 9.5.5 |
| adobe | acrobat | * ≥ 10.0 < 10.1.7 |
| adobe | acrobat | * ≥ 11.0 < 11.0.03 |
| adobe | acrobat_reader | * ≥ 9.0 < 9.5.5 |
| adobe | acrobat_reader | * ≥ 10.0 < 10.1.7 |
| adobe | acrobat_reader | * ≥ 11.0 < 11.0.03 |
| suse | linux_enterprise_desktop | 10 |
| suse | linux_enterprise_desktop | 11 |
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_eus | 5.9 |
| redhat | enterprise_linux_eus | 6.4 |
| redhat | enterprise_linux_server | 6.0 |
| redhat | enterprise_linux_server_aus | 5.9 |
| redhat | enterprise_linux_server_aus | 6.4 |
| redhat | enterprise_linux_workstation | 6.0 |
GitHub Security Advisory GHSA-q39j-xwr5-2ggj
Integer overflow in Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x...
References (12)
- http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00004.html Mailing List, Third Party Advisory
- http://rhn.redhat.com/errata/RHSA-2013-0826.html Third Party Advisory
- http://security.gentoo.org/glsa/glsa-201308-03.xml Third Party Advisory
- http://www.adobe.com/support/security/bulletins/apsb13-15.html Not Applicable, Patch, Vendor Advisory
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16717 Broken Link
- http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00004.html Mailing List, Third Party Advisory
- http://rhn.redhat.com/errata/RHSA-2013-0826.html Third Party Advisory
- http://security.gentoo.org/glsa/glsa-201308-03.xml Third Party Advisory
- http://www.adobe.com/support/security/bulletins/apsb13-15.html Not Applicable, Patch, Vendor Advisory
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16717 Broken Link
- https://github.com/cisagov/vulnrichment/issues/199 Issue Tracking
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2013-2729 US Government Resource
Risk Scores
CVSS Score
9.8 / 10
EPSS Score
89.61%
Top 0% most likely to be exploited
Threat Score
96.1 / 100
CISA Known Exploited
Date Added:
2022-03-28
Due Date:
2022-04-18
Required Action:
Apply updates per vendor instructions.
Data Sources
NVD
CISA KEV
EPSS
GitHub