PT-2009-4326 · Adobe · Reader+1
Will Dormann
·
Published
2009-06-11
·
Updated
2010-05-04
·
CVE-2009-1861
CVSS v2.0
9.3
High
| Vector | AV:N/AC:M/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions:
Adobe Reader versions 7.0.0 through 7.1.2
Adobe Reader versions 8.0.0 through 8.1.5
Adobe Reader versions 9.0.0 through 9.1.1
Adobe Acrobat versions 7.0.0 through 7.1.2
Adobe Acrobat versions 8.0.0 through 8.1.5
Adobe Acrobat versions 9.0.0 through 9.1.1
Description:
The issue is related to multiple heap-based buffer overflows that might allow remote attackers to execute arbitrary code or cause a denial of service via a crafted PDF file with a JPX stream. This can trigger heap memory corruption.
Recommendations:
For Adobe Reader versions 7.0.0 through 7.1.2, update to version 7.1.3 or later.
For Adobe Reader versions 8.0.0 through 8.1.5, update to version 8.1.6 or later.
For Adobe Reader versions 9.0.0 through 9.1.1, update to version 9.1.2 or later.
For Adobe Acrobat versions 7.0.0 through 7.1.2, update to version 7.1.3 or later.
For Adobe Acrobat versions 8.0.0 through 8.1.5, update to version 8.1.6 or later.
For Adobe Acrobat versions 9.0.0 through 9.1.1, update to version 9.1.2 or later.
Fix
Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Acrobat
Reader