CVE-2009-3459
Published: 13 October 2009
Summary
CVE-2009-3459 is a high-severity Improper Restriction of Operations within the Bounds of a Memory Buffer (CWE-119) vulnerability in Adobe Acrobat. Its CVSS base score is 8.8 (High).
Operationally, ranked in the top 0.5% of CVEs by exploit likelihood; CISA has added it to the Known Exploited Vulnerabilities catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-16 (Memory Protection) and SI-2 (Flaw Remediation).
Deeper analysis
A heap-based buffer overflow vulnerability, also referenced under CWE-119 and CWE-122, affects Adobe Reader and Acrobat versions 7.x prior to 7.1.4, 8.x prior to 8.1.7, and 9.x prior to 9.2. The flaw resides in PDF processing code and can trigger memory corruption when a specially crafted document is handled.
Remote attackers can exploit the issue by supplying a malicious PDF file, enabling arbitrary code execution on the target system. The vulnerability carries a CVSS score of 8.8 and was observed being exploited in the wild during October 2009.
Adobe security bulletins APSB09-15 and the associated PSIRT advisory, along with vendor updates from Secunia and SecurityTracker, direct users to apply the fixed releases to address the exposure. The issue was publicly disclosed with confirmation of active exploitation at the time of release.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2009-3441
Vulnerability details
Heap-based buffer overflow in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 allows remote attackers to execute arbitrary code via a crafted PDF file that triggers memory corruption, as exploited in the wild in…
more
October 2009. NOTE: some of these details are obtained from third party information.
- CWE(s)
- KEV Date Added
- 20 May 2026
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Directly requires applying the vendor patches (7.1.4/8.1.7/9.2) that eliminate the heap buffer overflow in PDF processing.
Employs memory-protection techniques that block exploitation of the heap-based overflow (CWE-119/122) before arbitrary code executes.
Malicious-code detection on PDF files can block or alert on the specially crafted documents used to trigger the overflow.