VIR Vulnerability Intelligence Relay

CVE-2013-0604

critical
Published 2013-01-10 · Modified 2026-04-29
CVSS v3
CVSS v2
10.0
VIR risk
10.0

Description

Heap-based buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0603.

Predictions

Exploit likelihood
20%
Patch ETA

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: psirt@adobe.com — http://www.adobe.com/support/security/bulletins/apsb13-02.html

Application impact
VendorProductVersionsFixed
adobeacrobat9.0
adobeacrobat9.1
adobeacrobat9.1.1
adobeacrobat9.1.2
adobeacrobat9.1.3
adobeacrobat9.2
adobeacrobat9.3
adobeacrobat9.3.1
adobeacrobat9.3.2
adobeacrobat9.3.3
adobeacrobat9.3.4
adobeacrobat9.4
adobeacrobat9.4.1
adobeacrobat9.4.2
adobeacrobat9.4.3
adobeacrobat9.4.4
adobeacrobat9.4.5
adobeacrobat9.4.6
adobeacrobat9.4.7
adobeacrobat9.5
adobeacrobat9.5.1
adobeacrobat9.5.2
adobeacrobat_reader9.0
adobeacrobat_reader9.1
adobeacrobat_reader9.1.1
adobeacrobat_reader9.1.2
adobeacrobat_reader9.1.3
adobeacrobat_reader9.2
adobeacrobat_reader9.3
adobeacrobat_reader9.3.1
adobeacrobat_reader9.3.2
adobeacrobat_reader9.3.3
adobeacrobat_reader9.3.4
adobeacrobat_reader9.4
adobeacrobat_reader9.4.1
adobeacrobat_reader9.4.2
adobeacrobat_reader9.4.3
adobeacrobat_reader9.4.4
adobeacrobat_reader9.4.5
adobeacrobat_reader9.4.6
adobeacrobat_reader9.4.7
adobeacrobat_reader9.5
adobeacrobat_reader9.5.1
adobeacrobat_reader9.5.2
adobeacrobat10.0
adobeacrobat10.0.1
adobeacrobat10.0.2
adobeacrobat10.0.3
adobeacrobat10.1
adobeacrobat10.1.1
adobeacrobat10.1.2
adobeacrobat10.1.3
adobeacrobat10.1.4
adobeacrobat_reader10.0
adobeacrobat_reader10.0.1
adobeacrobat_reader10.0.2
adobeacrobat_reader10.0.3
adobeacrobat_reader10.1
adobeacrobat_reader10.1.1
adobeacrobat_reader10.1.2
adobeacrobat_reader10.1.3
adobeacrobat_reader10.1.4
adobeacrobat11.0
adobeacrobat_reader11.0

References

CWEs

CWE-119

Verify integrity in audit chain (admin only). AS-IS.