Back

CVE-2013-3346

CRITICAL CISA KEV

Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2718, CVE-2013-2719, CVE-2013-2720, CVE-2013-2721, CVE-2013-2722, CVE-2013-2723, CVE-2013-2725, CVE-2013-2726, CVE-2013-2731, CVE-2013-2732, CVE-2013-2734, CVE-2013-2735, CVE-2013-2736, CVE-2013-3337, CVE-2013-3338, CVE-2013-3339, CVE-2013-3340, and CVE-2013-3341.

Published: Aug 30, 2013 Modified: Apr 21, 2026
CWE-787 CWE-787

CVSS Metrics

CVSSv3
Attack Vector: NETWORK Attack Complexity: LOW Privileges Required: NONE User Interaction: NONE Scope: UNCHANGED Confidentiality Impact: HIGH Integrity Impact: HIGH Availability Impact: HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products (6)

Vendor Product Version
adobe acrobat * ≥ 9.0 < 9.5.5
adobe acrobat * ≥ 10.0 < 10.1.7
adobe acrobat * ≥ 11.0 < 11.0.03
adobe acrobat_reader * ≥ 9.0 < 9.5.5
adobe acrobat_reader * ≥ 10.0 < 10.1.7
adobe acrobat_reader * ≥ 11.0 < 11.0.03

GitHub Security Advisory GHSA-mhw3-773g-72wx

Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow...

References (6)

Risk Scores

CVSS Score 9.8 / 10
EPSS Score 89.56%

Top 0% most likely to be exploited

Threat Score 96.1 / 100

CISA Known Exploited

Date Added: 2022-03-03
Due Date: 2022-03-24
Required Action:

Apply updates per vendor instructions.

Data Sources

NVD CISA KEV EPSS GitHub