CVE-2011-2462

CVE Database · CVE-2011-2462

CVE-2011-2462

· CRITICALAnalyzed

CVSS v3.1

9.8

EPSS

86.12%

Published

Dec 7, 2011

Modified

Apr 21, 2026

CISA Known Exploited Vulnerability

Added: 2022-06-08 · Due: 2022-06-22

Apply updates per vendor instructions.

Public PoC / Exploit (2)

All weaponized →

Exploit-DBAdobe Reader - U3D Memory Corruption (Metasploit)TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Unspecified vulnerability in the U3D component in Adobe Reader and Acrobat 10.1.1 and earlier on Windows and Mac OS X, and Adobe Reader 9.x through 9.4.6 on UNIX, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, as exploited in the wild in December 2011.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Weaknesses (CWE)

CWE-787CWE-787

Affected Products (6)

adobe · acrobatvulnerable

adobe · acrobat_readervulnerable

apple · mac_os_x

microsoft · windows

adobe · acrobat_readervulnerable

opengroup · unix

References (18)