Vulnerability ID 5968

Adobe Acrobat Reader 9.5.1/10.1.3 buffer overflow


A vulnerability classified as critical was found in Adobe Acrobat Reader 9.5.1/10.1.3. It affects an unknown function. Manipulation with an unknown input leads to a buffer overflow. The impact is known to affect confidentiality, integrity, and availability.

The weakness was presented on 08/14/2012 by Mateusz Jurczyk and Gynvael Coldwind with the Google Security Team as bulletin APSB12-16 (Website). The advisory is shared for download at The public release was coordinated in cooperation with the vendor. This vulnerability has been named CVE-2012-4156 since 08/07/2012. Exploitation appears to be difficult. The attack needs to be initiated within the local network. No form of authentication is required for successful exploitation. Technical details are unknown, but a private exploit is available.

The vulnerability scanner Nessus provides a plugin with the ID 61561 (Adobe Acrobat < 10.1.4 / 9.5.2 Multiple Vulnerabilities (APSB12-16)), which helps to determine the existence of the flaw in a target environment. It is assigned to the family Windows. The commercial vulnerability scanner Qualys is able to test this issue with plugin 120295.

Upgrading to version 9.5.2 or 10.1.4 eliminates this vulnerability. The upgrade is hosted for download at A possible mitigation was published immediately after the disclosure of the vulnerability.

The vulnerability is also documented in the databases at SecurityFocus (BID 54946), Secunia (SA50281) and Vulnerability Center (SBV-35892). Similar entries are available at 5953, 5954, 5955 and 5956.


Base Score: 5.0
Temp Score: 4.8
Vector: CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L/E:X/RL:O/RC:X
Reliability: High


Base Score: 4.3 (CVSS2#AV:A/AC:H/Au:N/C:P/I:P/A:P)
Temp Score: 3.7 (CVSS2#E:ND/RL:OF/RC:ND)
Reliability: High




Class: Buffer overflow (CWE-119)
Local: No
Remote: Partially

Availability: Yes
Access: Private

Current Price Estimation: $25k-$50k (0-day) / $2k-$5k (Today)


Nessus ID: 61561
Nessus Name: Adobe Acrobat < 10.1.4 / 9.5.2 Multiple Vulnerabilities (APSB12-16)
Nessus File: adobe_acrobat_apsb12-16.nasl
Nessus Family: Windows
OpenVAS ID: 802937
OpenVAS Name: Adobe Reader Multiple Vulnerabilities - Mac OS X
OpenVAS File: gb_adobe_prdts_mult_vuln_aug12_macosx.nasl
OpenVAS Family: General
Qualys ID: 120295


Recommended: Upgrade
Status: Official fix
Reaction Time: 0 days since reported
0-Day Time: 0 days since found
Exposure Time: 0 days since known

Upgrade: Acrobat Reader 9.5.2/10.1.4


08/07/2012 CVE assigned
08/14/2012 +7 days Advisory disclosed
08/14/2012 +0 days Countermeasure disclosed
08/14/2012 +0 days OSVDB entry created
08/14/2012 +0 days VulnerabilityCenter entry assigned
08/15/2012 +1 days NVD disclosed
08/15/2012 +0 days VulnerabilityCenter entry created
08/17/2012 +2 days VulDB entry created
11/05/2013 +445 days VulnerabilityCenter entry updated
04/20/2016 +897 days VulDB entry updated


Advisory: APSB12-16
Researcher: Mateusz Jurczyk/Gynvael Coldwind
Organization: Google Security Team
Coordinated: Yes

CVE: CVE-2012-4156

SecurityFocus: 54946
Secunia: 50281 - Adobe Reader / Acrobat Multiple Vulnerabilities, Highly Critical
Vulnerability Center: 35892 - [APSB12-16] Adobe Acrobat and Reader Unspecified Memory Corruption Vulnerability (CVE-2012-4156), Critical
OSVDB: 84628 - Adobe Reader / Acrobat Unspecified Memory Corruption (2012-4156)

See also: 5953, 5954, 5955, 5956, 5957, 5958, 5959, 5960, 5961, 5962, 5963, 5964, 5965, 5966


Created: 08/17/2012
Updated: 04/20/2016
Entry: 92.4% complete