VYPR
High severity8.8CISA KEVNVD Advisory· Published Jan 13, 2010· Updated Jun 16, 2026

CVE-2009-3953

CVE-2009-3953

Description

The U3D implementation in Adobe Reader and Acrobat 9.x before 9.3, 8.x before 8.2 on Windows and Mac OS X, and 7.x before 7.1.4 allows remote attackers to execute arbitrary code via malformed U3D data in a PDF document, related to a CLODProgressiveMeshDeclaration "array boundary issue," a different vulnerability than CVE-2009-2994.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

8
  • cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*range: >=7.0,<7.1.4
    • (no CPE)range: before 9.3, before 8.2, before 7.1.4
  • cpe:2.3:a:suse:linux_enterprise_debuginfo:11:-:*:*:*:*:*:*
  • OpenSUSE/openSUSE2 versions
    cpe:2.3:o:opensuse:opensuse:11.1:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:opensuse:opensuse:11.1:*:*:*:*:*:*:*
    • cpe:2.3:o:opensuse:opensuse:11.2:*:*:*:*:*:*:*
  • cpe:2.3:o:suse:linux_enterprise:10.0:sp2:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:suse:linux_enterprise:10.0:sp2:*:*:*:*:*:*
    • cpe:2.3:o:suse:linux_enterprise:10.0:sp3:*:*:*:*:*:*
  • Range: before 9.3, before 8.2, before 7.1.4

Patches

Vulnerability mechanics

References

15

News mentions

0

No linked articles in our index yet.