CVE-2009-3953 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2009-3953 Interim 1 4 2023-07-04T01:40:53Z current 2021-05-30T12:49:07Z 2023-07-04T01:40:53Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2009-3953 The U3D implementation in Adobe Reader and Acrobat 9.x before 9.3, 8.x before 8.2 on Windows and Mac OS X, and 7.x before 7.1.4 allows remote attackers to execute arbitrary code via malformed U3D data in a PDF document, related to a CLODProgressiveMeshDeclaration "array boundary issue," a different vulnerability than CVE-2009-2994. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.opensuse.org/opensuse-security-announce/2010-01/msg00009.html E-Mail link for SUSE-SA:2010:008 https://www.suse.com/support/security/rating/ SUSE Security Ratings The U3D implementation in Adobe Reader and Acrobat 9.x before 9.3, 8.x before 8.2 on Windows and Mac OS X, and 7.x before 7.1.4 allows remote attackers to execute arbitrary code via malformed U3D data in a PDF document, related to a CLODProgressiveMeshDeclaration "array boundary issue," a different vulnerability than CVE-2009-2994. CVE-2009-3953 critical 10 AV:N/AC:L/Au:N/C:C/I:C/A:C