PT-2009-1114 · Adobe · Reader+1

Kralor

Publicado

2009-03-19

Atualizado

2025-10-22

CVE-2009-0927

CVSS v2.0

9.3

Alta

Vetor

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Adobe Reader and Adobe Acrobat versions 9.0 through 9.0, 8.0 through 8.1.2, and 7.0 through 7.1.0

Description The issue is caused by insufficient input validation in the Adobe Acrobat PDF editing program, allowing remote attackers to execute arbitrary code via a crafted argument to the getIcon method of a Collab object.

Recommendations For Adobe Reader and Adobe Acrobat versions 9.0 through 9.0, update to version 9.1 or later. For Adobe Reader and Adobe Acrobat versions 8.0 through 8.1.2, update to version 8.1.3 or later. For Adobe Reader and Adobe Acrobat versions 7.0 through 7.1.0, update to version 7.1.1 or later.

Exploit

Correção

Stack Overflow

RCE

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-121CWE-20

Identificadores relacionados

BDU:2021-04404

CVE-2009-0927

RHSA-2008:0974

Produtos afetados

Acrobat

Reader

PT-2009-1114 · Adobe · Reader+1

CVE-2009-0927

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 31