{"vulnerability": "CVE-2009-3459", "sightings": [{"uuid": "e6a14459-a6ae-4f88-aa10-b6d6b70523ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2009-3459", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:39.000000Z"}, {"uuid": "b095c7b6-1b01-4ead-b83e-ae6cc953cdad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2009-3459", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:08:40.000000Z"}, {"uuid": "e8f1a03b-c833-426d-a359-acd5bf2063c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "db99543d-496c-4eef-ad0a-2df2093364df", "vulnerability": "CVE-2009-3459", "type": "confirmed", "source": "https://www.exploit-db.com/exploits/16652", "content": "", "creation_timestamp": "2010-09-25T00:00:00.000000Z"}, {"uuid": "f3a9e9e1-47e8-41ea-aa6e-2ff04f6f5bf5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2009-3459", "type": "seen", "source": "MISP/d17bd6ef-d68b-317b-ac33-cdbc44c5fc57", "content": "", "creation_timestamp": "2025-08-31T03:12:50.000000Z"}, {"uuid": "c3b5f017-3c85-43be-ad5c-677658e20245", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2009-3459", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/fileformat/adobe_flatedecode_predictor02.rb", "content": "", "creation_timestamp": "2018-05-29T15:50:33.000000Z"}, {"uuid": "5e768b91-2a30-456d-a797-92a675ddfe7f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2009-3459", "type": "seen", "source": "MISP/ab0b745f-bbd5-338e-8b92-97dd0c757e9d", "content": "", "creation_timestamp": "2025-08-31T03:01:13.000000Z"}, {"uuid": "fae27742-4d48-4623-8999-08249c779a5d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2009-3459", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/browser/adobe_flatedecode_predictor02.rb", "content": "", "creation_timestamp": "2018-05-29T15:50:33.000000Z"}, {"uuid": "3bcd7bc6-9fca-4a9d-b3fa-d5c2c536780f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2009-3459", "type": "seen", "source": "https://bsky.app/profile/cvesentinel.bsky.social/post/3mmcg6ds2r42s", "content": "\ud83d\uded1 CVE-2009-3459\nAdobe Acrobat and Reader\nEPSS 87% / KEV\nTL;DR: Heap-based buffer overflow in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, \u2026\nhttps://cvesentinel.replit.app/report/CVE-2009-3459?utm_source=bluesky&utm_medium=social&utm_campaign=cvesentinel\n#infosec #CVE #vulnerability", "creation_timestamp": "2026-05-20T17:22:01.478941Z"}, {"uuid": "96ad0de9-cac8-4f92-9e2b-009cb6378ac4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "db99543d-496c-4eef-ad0a-2df2093364df", "vulnerability": "CVE-2009-3459", "type": "confirmed", "source": "https://www.exploit-db.com/exploits/16546", "content": "", "creation_timestamp": "2010-09-20T00:00:00.000000Z"}, {"uuid": "deb09710-0150-420a-b0a2-7a4388967713", "vulnerability_lookup_origin": "405284c2-e461-4670-8979-7fd2c9755a60", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2009-3459", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/16d37892-3a02-4a52-80e4-fe85730f9d88", "content": "", "creation_timestamp": "2026-05-20T18:00:02.624614Z"}, {"uuid": "39973e0b-1bb5-4133-916e-d59067549816", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2009-3459", "type": "seen", "source": "https://infosec.exchange/users/secdb/statuses/116608677530202595", "content": "\ud83d\udea8 [CISA-2026:0520] CISA Adds 7 Known Exploited Vulnerabilities to Catalog (https://secdb.nttzen.cloud/security-advisory/detail/CISA-2026:0520)\nCISA has added 7 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.\n\u26a0\ufe0f CVE-2008-4250 (https://secdb.nttzen.cloud/cve/detail/CVE-2008-4250)- Name: Microsoft Windows Buffer Overflow Vulnerability- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.- Known To Be Used in Ransomware Campaigns? Unknown- Vendor: Microsoft- Product: Windows- Notes: https://learn.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-067 ; https://nvd.nist.gov/vuln/detail/CVE-2008-4250\n\u26a0\ufe0f CVE-2009-1537 (https://secdb.nttzen.cloud/cve/detail/CVE-2009-1537)- Name: Microsoft DirectX NULL Byte Overwrite Vulnerability- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.- Known To Be Used in Ransomware Campaigns? Unknown- Vendor: Microsoft- Product: DirectX- Notes: https://learn.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-028 ; https://nvd.nist.gov/vuln/detail/CVE-2009-1537\n\u26a0\ufe0f CVE-2009-3459 (https://secdb.nttzen.cloud/cve/detail/CVE-2009-3459)- Name: Adobe Acrobat and Reader Heap-Based Buffer Overflow Vulnerability- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.- Known To Be Used in Ransomware Campaigns? Unknown- Vendor: Adobe- Product: Acrobat and Reader- Notes: https://www.cisa.gov/news-events/alerts/2009/10/13/adobe-reader-and-acrobat-vulnerabilities ; https://web.archive.org/web/20120324170253/http://www.adobe.com/support/security/bulletins/apsb09-15.html#:~:text=CVE%2D2009%2D3459).-,NOTE%3A,-There%20are%20reports ; https://nvd.nist.gov/vuln/detail/CVE-2009-3459\n\u26a0\ufe0f CVE-2010-0249 (https://secdb.nttzen.cloud/cve/detail/CVE-2010-0249)- Name: Microsoft Internet Explorer Use-After-Free Vulnerability- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.- Known To Be Used in Ransomware Campaigns? Unknown- Vendor: Microsoft- Product: Internet Explorer- Notes: https://learn.microsoft.com/en-us/security-updates/SecurityAdvisories/2010/979352 ; https://nvd.nist.gov/vuln/detail/CVE-2010-0249\n\u26a0\ufe0f CVE-2010-0806 (https://secdb.nttzen.cloud/cve/detail/CVE-2010-0806)- Name: Microsoft Internet Explorer Use-After-Free Vulnerability- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.- Known To Be Used in Ransomware Campaigns? Unknown- Vendor: Microsoft- Product: Internet Explorer- Notes: https://learn.microsoft.com/en-us/security-updates/securityadvisories/2010/981374 ; https://nvd.nist.gov/vuln/detail/CVE-2010-0806\n\u26a0\ufe0f CVE-2026-41091 (https://secdb.nttzen.cloud/cve/detail/CVE-2026-41091)- Name: Microsoft Defender Link Following Vulnerability- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.- Known To Be Used in Ransomware Campaigns? Unknown- Vendor: Microsoft- Product: Defender- Notes: https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-41091 ; https://nvd.nist.gov/vuln/detail/CVE-2026-41091\n\u26a0\ufe0f CVE-2026-45498 (https://secdb.nttzen.cloud/cve/detail/CVE-2026-45498)- Name: Microsoft Defender Denial of Service Vulnerability- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.- Known To Be Used in Ransomware Campaigns? Unknown- Vendor: Microsoft- Product: Defender- Notes: https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-45498 ; https://nvd.nist.gov/vuln/detail/CVE-2026-45498\n#SecDB #InfoSec #CVE #CISA_KEV #cisa_20260520 #cisa20260520 #cve_2008_4250 #cve_2009_1537 #cve_2009_3459 #cve_2010_0249 #cve_2010_0806 #cve_2026_41091 #cve_2026_45498 #cve20084250 #cve20091537 #cve20093459 #cve20100249 #cve20100806 #cve202641091 #cve202645498", "creation_timestamp": "2026-05-20T21:13:36.661498Z"}, {"uuid": "70c997f5-0305-4a8c-9729-910f4f26bf0b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2009-3459", "type": "seen", "source": "https://bsky.app/profile/shortinfo.bsky.social/post/3mmhsaa4nxj2i", "content": "The oldest five still being exploited: CVE-2008-4250 (Windows), CVE-2009-1537 (DirectX), CVE-2009-3459 (Adobe Reader), CVE-2010-0249 and CVE-2010-0806 (Internet Explorer). All five were added on May 20.", "creation_timestamp": "2026-05-22T20:41:08.792296Z"}, {"uuid": "a7d41bc7-6294-4513-a034-0c4720c27f96", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2009-3459", "type": "seen", "source": "https://bsky.app/profile/shortinfo.bsky.social/post/3mmnzdevzpf2r", "content": "Oldest CVEs in this batch: CVE-2008-4250 (Microsoft), CVE-2009-1537 (Microsoft), CVE-2009-3459 (Adobe), CVE-2010-0249 (Microsoft), CVE-2010-0806 (Microsoft).", "creation_timestamp": "2026-05-25T08:04:09.784884Z"}]}