Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-0193

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2009-0193
Last Modified 28 Apr 2009 12:00:00
Published 24 Mar 2009 09:30:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2009-0193

Summary

Heap-based buffer overflow in Adobe Acrobat Reader 9 before 9.1, 8 before 8.1.4, and 7 before 7.1.1 allows remote attackers to execute arbitrary code via a PDF file with a malformed JBIG2 symbol dictionary segment, a different vulnerability than CVE-2009-1061 and CVE-2009-1062.

Vulnerable Systems

Application

  • Adobe Acrobat 7.0

  • Adobe Acrobat 7.0.1

  • Adobe Acrobat 7.0.2

  • Adobe Acrobat 7.0.3

  • Adobe Acrobat 7.0.5

  • Adobe Acrobat 7.0.7

  • Adobe Acrobat 7.0.8

  • Adobe Acrobat 7.0.9

  • Adobe Acrobat 7.1.0

  • Adobe Acrobat 8.0

  • Adobe Acrobat 8.1

  • Adobe Acrobat 8.1.1

  • Adobe Acrobat 8.1.2

  • Adobe Acrobat 9.0

  • Adobe Reader 7.0.1

  • Adobe Reader 7.0.2

  • Adobe Reader 7.0.3

  • Adobe Reader 7.0.5

  • Adobe Reader 7.0.7

  • Adobe Reader 7.0.8

  • Adobe Reader 7.0.9

  • Adobe Reader 7.1.0

  • Adobe Reader 8.1.1

  • Adobe Reader 8.1.2

  • Adobe Reader 9.0


References

BID - 34229

CONFIRM - http://www.adobe.com/support/security/bulletins/apsb09-04.html

VUPEN - ADV-2009-1019

SECTRACK - 1021892

BUGTRAQ - 20090325 Secunia Research: Adobe Reader JBIG2 Symbol Dictionary Buffer Overflow

REDHAT - RHSA-2009:0376

SUNALERT - 256788

GENTOO - GLSA-200904-17

MISC - http://secunia.com/secunia_research/2009-14/

SECUNIA - 34790

SECUNIA - 34706

SECUNIA - 34490

SECUNIA - 34392

SUSE - SUSE-SR:2009:009

SUSE - SUSE-SA:2009:014

Related Patches

Adobe APSB09-03 APSB09-04 Reader 8.1.4 Security Update for Macintosh (PPC)


Last Updated: 27 May 2016 10:50:09