Unrated severityNVD Advisory· Published Apr 5, 2010· Updated Apr 29, 2026
CVE-2009-4764
CVE-2009-4764
Description
Adobe Reader 8.x and 9.x on Windows is able to execute EXE files that are embedded in a PDF document, which makes it easier for remote attackers to trick users into executing arbitrary code via a crafted document.
Affected products
15cpe:2.3:a:adobe:acrobat_reader:8.0:*:*:*:*:*:*:*+ 14 more
- cpe:2.3:a:adobe:acrobat_reader:8.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:acrobat_reader:8.1:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:acrobat_reader:8.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:acrobat_reader:8.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:acrobat_reader:8.1.4:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:acrobat_reader:8.1.5:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:acrobat_reader:8.1.6:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:acrobat_reader:8.1.7:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:acrobat_reader:9.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:acrobat_reader:9.1:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:acrobat_reader:9.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:acrobat_reader:9.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:acrobat_reader:9.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:acrobat_reader:9.2:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:acrobat_reader:9.3:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
6- lists.immunitysec.com/pipermail/dailydave/2010-April/006072.htmlnvd
- lists.immunitysec.com/pipermail/dailydave/2010-April/006074.htmlnvd
- www.metasploit.com/redmine/projects/framework/repository/revisions/8379/changes/modules/exploits/windows/fileformat/adobe_pdf_embedded_exe.rbnvd
- exchange.xforce.ibmcloud.com/vulnerabilities/57994nvd
- forum.immunityinc.com/board/thread/1199/exploiting-pdf-files-without-vulnerabili/nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6976nvd
News mentions
0No linked articles in our index yet.