Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-0198

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2009-0198
Last Modified 04 May 2010 01:40:22
Published 11 Jun 2009 11:30:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2009-0198

Summary

Heap-based buffer overflow in the JBIG2 filter in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Reader 9 and Acrobat 9 before 9.1.2 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted PDF file that contains JBIG2 text region segments with Huffman encoding.

Vulnerable Systems

Application

  • Adobe Acrobat 7.0

  • Adobe Acrobat 7.0.1

  • Adobe Acrobat 7.0.2

  • Adobe Acrobat 7.0.3

  • Adobe Acrobat 7.0.4

  • Adobe Acrobat 7.0.5

  • Adobe Acrobat 7.0.6

  • Adobe Acrobat 7.0.7

  • Adobe Acrobat 7.0.8

  • Adobe Acrobat 7.0.9

  • Adobe Acrobat 7.1

  • Adobe Acrobat 7.1.0

  • Adobe Acrobat 7.1.1

  • Adobe Acrobat 8.0

  • Adobe Acrobat 8.1

  • Adobe Acrobat 8.1.1

  • Adobe Acrobat 8.1.2

  • Adobe Acrobat 8.1.3

  • Adobe Acrobat 8.1.4

  • Adobe Acrobat 9

  • Adobe Acrobat 9.0

  • Adobe Acrobat 9.0.0

  • Adobe Acrobat 9.1

  • Adobe Acrobat Reader 7.0

  • Adobe Acrobat Reader 7.0.1

  • Adobe Acrobat Reader 7.0.2

  • Adobe Acrobat Reader 7.0.3

  • Adobe Acrobat Reader 7.0.4

  • Adobe Acrobat Reader 7.0.5

  • Adobe Acrobat Reader 7.0.6

  • Adobe Acrobat Reader 7.0.7

  • Adobe Acrobat Reader 7.0.8

  • Adobe Acrobat Reader 7.0.9

  • Adobe Acrobat Reader 7.1

  • Adobe Acrobat Reader 7.1.1

  • Adobe Acrobat Reader 8.0

  • Adobe Acrobat Reader 8.1

  • Adobe Acrobat Reader 8.1.1

  • Adobe Acrobat Reader 8.1.2

  • Adobe Acrobat Reader 8.1.3

  • Adobe Acrobat Reader 8.1.4

  • Adobe Acrobat Reader 8.1.5

  • Adobe Acrobat Reader 9

  • Adobe Acrobat Reader 9.1

  • Adobe Acrobat Reader 9.1.1


References

CERT - TA09-161A

VUPEN - ADV-2009-1547

CONFIRM - http://www.adobe.com/support/security/bulletins/apsb09-07.html

XF - reader-acrobat-jbig2-code-exec(51015)

BID - 35302

BID - 35274

BUGTRAQ - 20090610 Secunia Research: Adobe Reader JBIG2 Text Region Segment Buffer Overflow

REDHAT - RHSA-2009:1109

SECTRACK - 1022361

GENTOO - GLSA-200907-06

MISC - http://secunia.com/secunia_research/2009-24/

SECUNIA - 35734

SECUNIA - 35685

SECUNIA - 35655

SECUNIA - 35496

SECUNIA - 34580

SUSE - SUSE-SR:2009:012

SUSE - SUSE-SA:2009:035

Related Patches

Adobe APSB09-07 Reader 9.1.2 Security Update for Macintosh (PPC)

Adobe APSB09-07 Reader 8.1.6 Security Update for Macintosh (PPC)

Adobe APSB09-07 Acrobat Pro/Std 8.1.6 for Windows (Update) (All Languages)

Adobe APSB09-07 Reader 9.1.2 Security Update for Macintosh (intel)

Adobe APSB09-07 Reader 8.1.6 Security Update for Windows (All Languages)

Adobe APSB09-07 Reader 9.1.2 Security Update for Windows (All Languages)


Last Updated: 27 May 2016 10:50:09