CVE-2009-3959

Integer overflow in the U3D implementation in Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code via a malformed PDF document.

Published: Jan 13, 2010
Updated: Nov 9, 2025
CVE: CVE-2009-3959
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 10
AV:N/AC:L/Au:N/C:C/I:C/A:C

CWEs:

CWE-189

Affected Software
References

Software	From	Fixed in
adobe / acrobat	-	9.2.x
adobe / acrobat	3.0	3.0.x
adobe / acrobat	3.1	3.1.x
adobe / acrobat	4.0	4.0.x
adobe / acrobat	4.0.5	4.0.5.x
adobe / acrobat	4.0.5a	4.0.5a.x
adobe / acrobat	4.0.5c	4.0.5c.x
adobe / acrobat	5.0	5.0.x
adobe / acrobat	5.0.5	5.0.5.x
adobe / acrobat	5.0.6	5.0.6.x
adobe / acrobat	5.0.10	5.0.10.x
adobe / acrobat	6.0	6.0.x
adobe / acrobat	6.0.1	6.0.1.x
adobe / acrobat	6.0.2	6.0.2.x
adobe / acrobat	6.0.3	6.0.3.x
adobe / acrobat	6.0.4	6.0.4.x
adobe / acrobat	6.0.5	6.0.5.x
adobe / acrobat	6.0.6	6.0.6.x
adobe / acrobat	7.0	7.0.x
adobe / acrobat	7.0.1	7.0.1.x
adobe / acrobat	7.0.2	7.0.2.x
adobe / acrobat	7.0.3	7.0.3.x
adobe / acrobat	7.0.4	7.0.4.x
adobe / acrobat	7.0.5	7.0.5.x
adobe / acrobat	7.0.6	7.0.6.x
adobe / acrobat	7.0.7	7.0.7.x
adobe / acrobat	7.0.8	7.0.8.x
adobe / acrobat	7.0.9	7.0.9.x
adobe / acrobat	7.1.0	7.1.0.x
adobe / acrobat	7.1.1	7.1.1.x
adobe / acrobat	7.1.2	7.1.2.x
adobe / acrobat	7.1.3	7.1.3.x
adobe / acrobat	7.1.4	7.1.4.x
adobe / acrobat	8.0	8.0.x
adobe / acrobat	8.1	8.1.x
adobe / acrobat	8.1.1	8.1.1.x
adobe / acrobat	8.1.2	8.1.2.x
adobe / acrobat	8.1.3	8.1.3.x
adobe / acrobat	8.1.4	8.1.4.x
adobe / acrobat	8.1.5	8.1.5.x
adobe / acrobat	8.1.6	8.1.6.x
adobe / acrobat	8.1.7	8.1.7.x
adobe / acrobat	9.0	9.0.x
adobe / acrobat	9.1	9.1.x
adobe / acrobat	9.1.1	9.1.1.x
adobe / acrobat	9.1.2	9.1.2.x
adobe / acrobat	9.1.3	9.1.3.x
adobe / acrobat_reader	-	9.2.x
adobe / acrobat_reader	3.0	3.0.x
adobe / acrobat_reader	3.01	3.01.x
adobe / acrobat_reader	3.02	3.02.x
adobe / acrobat_reader	4.0	4.0.x
adobe / acrobat_reader	4.0.5	4.0.5.x
adobe / acrobat_reader	4.0.5a	4.0.5a.x
adobe / acrobat_reader	4.0.5c	4.0.5c.x
adobe / acrobat_reader	4.5	4.5.x
adobe / acrobat_reader	5.0	5.0.x
adobe / acrobat_reader	5.0.5	5.0.5.x
adobe / acrobat_reader	5.0.6	5.0.6.x
adobe / acrobat_reader	5.0.7	5.0.7.x
adobe / acrobat_reader	5.0.9	5.0.9.x
adobe / acrobat_reader	5.0.10	5.0.10.x
adobe / acrobat_reader	5.0.11	5.0.11.x
adobe / acrobat_reader	5.1	5.1.x
adobe / acrobat_reader	6.0	6.0.x
adobe / acrobat_reader	6.0.1	6.0.1.x
adobe / acrobat_reader	6.0.2	6.0.2.x
adobe / acrobat_reader	6.0.3	6.0.3.x
adobe / acrobat_reader	6.0.4	6.0.4.x
adobe / acrobat_reader	6.0.5	6.0.5.x
adobe / acrobat_reader	7.0	7.0.x
adobe / acrobat_reader	7.0.1	7.0.1.x
adobe / acrobat_reader	7.0.2	7.0.2.x
adobe / acrobat_reader	7.0.3	7.0.3.x
adobe / acrobat_reader	7.0.4	7.0.4.x
adobe / acrobat_reader	7.0.5	7.0.5.x
adobe / acrobat_reader	7.0.6	7.0.6.x
adobe / acrobat_reader	7.0.7	7.0.7.x
adobe / acrobat_reader	7.0.8	7.0.8.x
adobe / acrobat_reader	7.0.9	7.0.9.x
adobe / acrobat_reader	7.1.0	7.1.0.x
adobe / acrobat_reader	7.1.1	7.1.1.x
adobe / acrobat_reader	7.1.2	7.1.2.x
adobe / acrobat_reader	7.1.3	7.1.3.x
adobe / acrobat_reader	8.0	8.0.x
adobe / acrobat_reader	8.1	8.1.x
adobe / acrobat_reader	8.1.1	8.1.1.x
adobe / acrobat_reader	8.1.2	8.1.2.x
adobe / acrobat_reader	8.1.4	8.1.4.x
adobe / acrobat_reader	8.1.5	8.1.5.x
adobe / acrobat_reader	8.1.6	8.1.6.x
adobe / acrobat_reader	8.1.7	8.1.7.x
adobe / acrobat_reader	9.0	9.0.x
adobe / acrobat_reader	9.1	9.1.x
adobe / acrobat_reader	9.1.1	9.1.1.x
adobe / acrobat_reader	9.1.2	9.1.2.x
adobe / acrobat_reader	9.1.3	9.1.3.x

Vulnerability Database

314,496

CVE-2009-3959

Deep Security Visibility Without the Complexity