PT-2009-1114 · Adobe · Reader+1

Kralor

Published

2009-03-19

Updated

2025-10-22

CVE-2009-0927

CVSS v2.0

9.3

High

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Adobe Reader and Adobe Acrobat versions 9.0 through 9.0, 8.0 through 8.1.2, and 7.0 through 7.1.0

Description The issue is caused by insufficient input validation in the Adobe Acrobat PDF editing program, allowing remote attackers to execute arbitrary code via a crafted argument to the getIcon method of a Collab object.

Recommendations For Adobe Reader and Adobe Acrobat versions 9.0 through 9.0, update to version 9.1 or later. For Adobe Reader and Adobe Acrobat versions 8.0 through 8.1.2, update to version 8.1.3 or later. For Adobe Reader and Adobe Acrobat versions 7.0 through 7.1.0, update to version 7.1.1 or later.

Exploit

Fix

Stack Overflow

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-121CWE-20

Related Identifiers

BDU:2021-04404

CVE-2009-0927

RHSA-2008:0974

Affected Products

Acrobat

Reader

PT-2009-1114 · Adobe · Reader+1

CVE-2009-0927

Weakness Enumeration

Related Identifiers

Affected Products

References · 31