1. Home
  2. Mapping Frameworks
  3. Known Exploited Vulnerabilities Home
  4. Adobe Reader Buffer Overflow Vulnerability

Known Exploited Vulnerabilities CVE-2013-0641 Mappings

Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.4, 10.x before 10.1.6, and 11.x before 11.0.02 allows remote attackers to execute arbitrary code via a crafted PDF document, as exploited in the wild in February 2013.

Mappings

Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name Notes
CVE-2013-0641 Adobe Reader Buffer Overflow Vulnerability secondary_impact T1048 Exfiltration Over Alternative Protocol
Comments
This buffer overflow vulnerability is exploited via malicious-crafted pdf files delivered via targeted emails. Adversaries use this exploit to deliver a remote administration tool with the goal of data exfiltration.
References
  1. https://web.archive.org/web/20150123081503/https://www.fireeye.com/blog/threat-research/2013/02/its-a-kind-of-magic-1.html
  2. https://www.adobe.com/support/security/advisories/apsa13-02.html
  3. https://ubuntu.com/security/CVE-2013-0641
CVE-2013-0641 Adobe Reader Buffer Overflow Vulnerability primary_impact T1105 Ingress Tool Transfer
Comments
This buffer overflow vulnerability is exploited via malicious-crafted pdf files delivered via targeted emails. Adversaries use this exploit to deliver a remote administration tool with the goal of data exfiltration.
References
  1. https://web.archive.org/web/20150123081503/https://www.fireeye.com/blog/threat-research/2013/02/its-a-kind-of-magic-1.html
  2. https://www.adobe.com/support/security/advisories/apsa13-02.html
  3. https://ubuntu.com/security/CVE-2013-0641
CVE-2013-0641 Adobe Reader Buffer Overflow Vulnerability exploitation_technique T1204.002 Malicious File
Comments
This buffer overflow vulnerability is exploited via malicious-crafted pdf files delivered via targeted emails. Adversaries use this exploit to deliver a remote administration tool with the goal of data exfiltration.
References
  1. https://web.archive.org/web/20150123081503/https://www.fireeye.com/blog/threat-research/2013/02/its-a-kind-of-magic-1.html
  2. https://www.adobe.com/support/security/advisories/apsa13-02.html
  3. https://ubuntu.com/security/CVE-2013-0641