PT-2009-4321 · Adobe · Reader+1
Jun Mao
+1
·
Publicado
2009-06-11
·
Atualizado
2017-08-17
·
CVE-2009-1856
CVSS v2.0
9.3
Alta
| Vetor | AV:N/AC:M/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions:
Adobe Reader versions 7.0.0 through 7.1.2
Adobe Reader versions 8.0.0 through 8.1.5
Adobe Reader versions 9.0.0 through 9.1.1
Adobe Acrobat versions 7.0.0 through 7.1.2
Adobe Acrobat versions 8.0.0 through 8.1.5
Adobe Acrobat versions 9.0.0 through 9.1.1
Description:
The issue is caused by an integer overflow in the FlateDecode filter, which can be triggered by a PDF file containing unspecified parameters. This can lead to a denial of service or possibly allow attackers to execute arbitrary code via a heap-based buffer overflow.
Recommendations:
For Adobe Reader versions 7.0.0 through 7.1.2, update to version 7.1.3 or later.
For Adobe Reader versions 8.0.0 through 8.1.5, update to version 8.1.6 or later.
For Adobe Reader versions 9.0.0 through 9.1.1, update to version 9.1.2 or later.
For Adobe Acrobat versions 7.0.0 through 7.1.2, update to version 7.1.3 or later.
For Adobe Acrobat versions 8.0.0 through 8.1.5, update to version 8.1.6 or later.
For Adobe Acrobat versions 9.0.0 through 9.1.1, update to version 9.1.2 or later.
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Acrobat
Reader