ID CVE-2009-3462
Summary Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 on Unix, when Debug mode is enabled, allow attackers to execute arbitrary code via unspecified vectors, related to a "format bug."
Vulnerable Configurations
  • Adobe Acrobat 7.0
    cpe:2.3:a:adobe:acrobat:7.0
  • Adobe Acrobat 7.0.1
    cpe:2.3:a:adobe:acrobat:7.0.1
  • Adobe Acrobat 7.0.2
    cpe:2.3:a:adobe:acrobat:7.0.2
  • cpe:2.3:a:adobe:acrobat:7.0.3
  • Adobe Acrobat 7.0.4
    cpe:2.3:a:adobe:acrobat:7.0.4
  • Adobe Acrobat 7.0.5
    cpe:2.3:a:adobe:acrobat:7.0.5
  • cpe:2.3:a:adobe:acrobat:7.0.6
  • cpe:2.3:a:adobe:acrobat:7.0.7
  • cpe:2.3:a:adobe:acrobat:7.0.8
  • cpe:2.3:a:adobe:acrobat:7.0.9
  • cpe:2.3:a:adobe:acrobat:7.1.0
  • cpe:2.3:a:adobe:acrobat:7.1.1
  • Adobe Acrobat 7.1.3
    cpe:2.3:a:adobe:acrobat:7.1.3
  • cpe:2.3:a:adobe:acrobat:8.0
  • Adobe Acrobat 8.1
    cpe:2.3:a:adobe:acrobat:8.1
  • Adobe Acrobat 8.1.1
    cpe:2.3:a:adobe:acrobat:8.1.1
  • cpe:2.3:a:adobe:acrobat:8.1.2
  • Adobe Acrobat 8.1.3
    cpe:2.3:a:adobe:acrobat:8.1.3
  • Adobe Acrobat 8.1.4
    cpe:2.3:a:adobe:acrobat:8.1.4
  • cpe:2.3:a:adobe:acrobat:8.1.6
  • Adobe Acrobat 9.0
    cpe:2.3:a:adobe:acrobat:9.0
  • Adobe Acrobat 9.1.1
    cpe:2.3:a:adobe:acrobat:9.1.1
  • cpe:2.3:a:adobe:acrobat:9.1.2
  • Adobe Acrobat 9.1.3
    cpe:2.3:a:adobe:acrobat:9.1.3
  • cpe:2.3:a:adobe:acrobat_reader:7.0
  • Adobe Acrobat Reader 7.0.1
    cpe:2.3:a:adobe:acrobat_reader:7.0.1
  • Adobe Acrobat Reader 7.0.2
    cpe:2.3:a:adobe:acrobat_reader:7.0.2
  • cpe:2.3:a:adobe:acrobat_reader:7.0.3
  • cpe:2.3:a:adobe:acrobat_reader:7.0.4
  • cpe:2.3:a:adobe:acrobat_reader:7.0.5
  • Adobe Acrobat Reader 7.0.6
    cpe:2.3:a:adobe:acrobat_reader:7.0.6
  • cpe:2.3:a:adobe:acrobat_reader:7.0.7
  • cpe:2.3:a:adobe:acrobat_reader:7.0.8
  • cpe:2.3:a:adobe:acrobat_reader:7.0.9
  • Adobe Acrobat Reader 7.1.0
    cpe:2.3:a:adobe:acrobat_reader:7.1.0
  • cpe:2.3:a:adobe:acrobat_reader:7.1.1
  • cpe:2.3:a:adobe:acrobat_reader:7.1.3
  • Adobe Acrobat Reader 8.0
    cpe:2.3:a:adobe:acrobat_reader:8.0
  • Adobe Acrobat Reader 8.1
    cpe:2.3:a:adobe:acrobat_reader:8.1
  • Adobe Acrobat Reader 8.1.1
    cpe:2.3:a:adobe:acrobat_reader:8.1.1
  • Adobe Acrobat Reader 8.1.2
    cpe:2.3:a:adobe:acrobat_reader:8.1.2
  • Adobe Acrobat Reader 8.1.3
    cpe:2.3:a:adobe:acrobat_reader:8.1.3
  • Adobe Acrobat Reader 8.1.4
    cpe:2.3:a:adobe:acrobat_reader:8.1.4
  • Adobe Acrobat Reader 8.1.5
    cpe:2.3:a:adobe:acrobat_reader:8.1.5
  • Adobe Acrobat Reader 8.1.6
    cpe:2.3:a:adobe:acrobat_reader:8.1.6
  • Adobe Acrobat Reader 9.0
    cpe:2.3:a:adobe:acrobat_reader:9.0
  • Adobe Acrobat Reader 9.1
    cpe:2.3:a:adobe:acrobat_reader:9.1
  • Adobe Acrobat Reader 9.1.1
    cpe:2.3:a:adobe:acrobat_reader:9.1.1
  • Adobe Acrobat Reader 9.1.2
    cpe:2.3:a:adobe:acrobat_reader:9.1.2
  • Adobe Acrobat Reader 9.1.3
    cpe:2.3:a:adobe:acrobat_reader:9.1.3
CVSS
Base: 5.1 (as of 20-10-2009 - 11:31)
Impact:
Exploitability:
Access
  • Vector NETWORK
  • Complexity HIGH
  • Authentication NONE
Impact
  • Confidentiality PARTIAL
  • Integrity PARTIAL
  • Availability PARTIAL
nessus via4
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-200910-03.NASL
    description The remote host is affected by the vulnerability described in GLSA-200910-03 (Adobe Reader: Multiple vulnerabilities) Multiple vulnerabilities were discovered in Adobe Reader. For further information please consult the CVE entries and the Adobe Security Bulletin referenced below. Impact : A remote attacker might entice a user to open a specially crafted PDF file, possibly resulting in the execution of arbitrary code with the privileges of the user running the application, Denial of Service, the creation of arbitrary files on the victim's system, 'Trust Manager' bypass, or social engineering attacks. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2018-11-19
    plugin id 42239
    published 2009-10-26
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=42239
    title GLSA-200910-03 : Adobe Reader: Multiple vulnerabilities
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2009-1499.NASL
    description Updated acroread packages that fix multiple security issues are now available for Red Hat Enterprise Linux 3 Extras, Red Hat Enterprise Linux 4 Extras, and Red Hat Enterprise Linux 5 Supplementary. This update has been rated as having critical security impact by the Red Hat Security Response Team. Adobe Reader allows users to view and print documents in Portable Document Format (PDF). Multiple flaws were discovered in Adobe Reader. A specially crafted PDF file could cause Adobe Reader to crash or, potentially, execute arbitrary code as the user running Adobe Reader when opened. (CVE-2009-2980, CVE-2009-2983, CVE-2009-2985, CVE-2009-2986, CVE-2009-2990, CVE-2009-2991, CVE-2009-2993, CVE-2009-2994, CVE-2009-2996, CVE-2009-2997, CVE-2009-2998, CVE-2009-3458, CVE-2009-3459, CVE-2009-3462) Multiple flaws were discovered in Adobe Reader. A specially crafted PDF file could cause Adobe Reader to crash when opened. (CVE-2009-2979, CVE-2009-2988, CVE-2009-3431) An input validation flaw was found in Adobe Reader. Opening a specially crafted PDF file could lead to a Trust Manager restrictions bypass. (CVE-2009-2981) All Adobe Reader users should install these updated packages. They contain Adobe Reader version 8.1.7, which is not vulnerable to these issues. All running instances of Adobe Reader must be restarted for the update to take effect.
    last seen 2019-02-21
    modified 2018-11-27
    plugin id 42134
    published 2009-10-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=42134
    title RHEL 3 / 4 / 5 : acroread (RHSA-2009:1499)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_ACROREAD_JA-6585.NASL
    description Adobe Reader has been updated to fix numerous security vulnerabilities. Some of the vulnerabilities allowed attackers to potentially execute arbitrary code on the victim's system via specially crafted PDF files. (CVE-2007-0048 / CVE-2007-0045 / CVE-2009-2564 / CVE-2009-2979 / CVE-2009-2980 / CVE-2009-2981 / CVE-2009-2982 / CVE-2009-2983 / CVE-2009-2985 / CVE-2009-2986 / CVE-2009-2988 / CVE-2009-2990 / CVE-2009-2991 / CVE-2009-2992 / CVE-2009-2993 / CVE-2009-2994 / CVE-2009-2996 / CVE-2009-2997 / CVE-2009-2998 / CVE-2009-3431 / CVE-2009-3458 / CVE-2009-3459 / CVE-2009-3462)
    last seen 2019-02-21
    modified 2016-12-22
    plugin id 51709
    published 2011-01-27
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=51709
    title SuSE 10 Security Update : acroread_ja (ZYPP Patch Number 6585)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_ACROREAD_JA-6584.NASL
    description Adobe Reader has been updated to fix numerous security vulnerabilities. Some of the vulnerabilities allowed attackers to potentially execute arbitrary code on the victim's system via specially crafted PDF files. (CVE-2007-0048 / CVE-2007-0045 / CVE-2009-2564 / CVE-2009-2979 / CVE-2009-2980 / CVE-2009-2981 / CVE-2009-2982 / CVE-2009-2983 / CVE-2009-2985 / CVE-2009-2986 / CVE-2009-2988 / CVE-2009-2990 / CVE-2009-2991 / CVE-2009-2992 / CVE-2009-2993 / CVE-2009-2994 / CVE-2009-2996 / CVE-2009-2997 / CVE-2009-2998 / CVE-2009-3431 / CVE-2009-3458 / CVE-2009-3459 / CVE-2009-3462)
    last seen 2019-02-21
    modified 2016-12-22
    plugin id 51708
    published 2011-01-27
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=51708
    title SuSE 10 Security Update : acroread_ja (ZYPP Patch Number 6584)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_1_ACROREAD-091022.NASL
    description Adobe Reader has been updated to fix numerous security vulnerabilities. Some of the vulnerabilities allowed attackers to potentially execute arbitrary code on the victim's system via specially crafted PDF files. (CVE-2007-0048, CVE-2007-0045, CVE-2009-2564, CVE-2009-2979, CVE-2009-2980, CVE-2009-2981, CVE-2009-2982, CVE-2009-2983, CVE-2009-2985, CVE-2009-2986, CVE-2009-2988, CVE-2009-2990, CVE-2009-2991, CVE-2009-2992, CVE-2009-2993, CVE-2009-2994, CVE-2009-2996, CVE-2009-2997, CVE-2009-2998, CVE-2009-3431, CVE-2009-3458, CVE-2009-3459, CVE-2009-3462)
    last seen 2019-02-21
    modified 2016-12-21
    plugin id 42247
    published 2009-10-26
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=42247
    title openSUSE Security Update : acroread (acroread-1426)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_0_ACROREAD-091022.NASL
    description Adobe Reader has been updated to fix numerous security vulnerabilities. Some of the vulnerabilities allowed attackers to potentially execute arbitrary code on the victim's system via specially crafted PDF files. (CVE-2007-0048, CVE-2007-0045, CVE-2009-2564, CVE-2009-2979, CVE-2009-2980, CVE-2009-2981, CVE-2009-2982, CVE-2009-2983, CVE-2009-2985, CVE-2009-2986, CVE-2009-2988, CVE-2009-2990, CVE-2009-2991, CVE-2009-2992, CVE-2009-2993, CVE-2009-2994, CVE-2009-2996, CVE-2009-2997, CVE-2009-2998, CVE-2009-3431, CVE-2009-3458, CVE-2009-3459, CVE-2009-3462)
    last seen 2019-02-21
    modified 2016-12-21
    plugin id 42244
    published 2009-10-26
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=42244
    title openSUSE Security Update : acroread (acroread-1426)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_ACROREAD-091022.NASL
    description Adobe Reader has been updated to fix numerous security vulnerabilities. Some of the vulnerabilities allowed attackers to potentially execute arbitrary code on the victim's system via specially crafted PDF files. (CVE-2007-0048 / CVE-2007-0045 / CVE-2009-2564 / CVE-2009-2979 / CVE-2009-2980 / CVE-2009-2981 / CVE-2009-2982 / CVE-2009-2983 / CVE-2009-2985 / CVE-2009-2986 / CVE-2009-2988 / CVE-2009-2990 / CVE-2009-2991 / CVE-2009-2992 / CVE-2009-2993 / CVE-2009-2994 / CVE-2009-2996 / CVE-2009-2997 / CVE-2009-2998 / CVE-2009-3431 / CVE-2009-3458 / CVE-2009-3459 / CVE-2009-3462)
    last seen 2019-02-21
    modified 2016-12-21
    plugin id 42250
    published 2009-10-26
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=42250
    title SuSE 11 Security Update : Acrobat Reader (SAT Patch Number 1425)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_ACROREAD-6583.NASL
    description Adobe Reader has been updated to fix numerous security vulnerabilities. Some of the vulnerabilities allowed attackers to potentially execute arbitrary code on the victim's system via specially crafted PDF files. (CVE-2007-0048 / CVE-2007-0045 / CVE-2009-2564 / CVE-2009-2979 / CVE-2009-2980 / CVE-2009-2981 / CVE-2009-2982 / CVE-2009-2983 / CVE-2009-2985 / CVE-2009-2986 / CVE-2009-2988 / CVE-2009-2990 / CVE-2009-2991 / CVE-2009-2992 / CVE-2009-2993 / CVE-2009-2994 / CVE-2009-2996 / CVE-2009-2997 / CVE-2009-2998 / CVE-2009-3431 / CVE-2009-3458 / CVE-2009-3459 / CVE-2009-3462)
    last seen 2019-02-21
    modified 2016-12-22
    plugin id 51694
    published 2011-01-27
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=51694
    title SuSE 10 Security Update : Acrobat Reader (ZYPP Patch Number 6583)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_ACROREAD-6588.NASL
    description Adobe Reader has been updated to fix numerous security vulnerabilities. Some of the vulnerabilities allowed attackers to potentially execute arbitrary code on the victim's system via specially crafted PDF files. (CVE-2007-0048, CVE-2007-0045, CVE-2009-2564, CVE-2009-2979, CVE-2009-2980, CVE-2009-2981, CVE-2009-2982, CVE-2009-2983, CVE-2009-2985, CVE-2009-2986, CVE-2009-2988, CVE-2009-2990, CVE-2009-2991, CVE-2009-2992, CVE-2009-2993, CVE-2009-2994, CVE-2009-2996, CVE-2009-2997, CVE-2009-2998, CVE-2009-3431, CVE-2009-3458, CVE-2009-3459, CVE-2009-3462)
    last seen 2019-02-21
    modified 2016-12-22
    plugin id 42318
    published 2009-10-30
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=42318
    title openSUSE 10 Security Update : acroread (acroread-6588)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_ACROREAD_JA-091022.NASL
    description Adobe Reader has been updated to fix numerous security vulnerabilities. Some of the vulnerabilities allowed attackers to potentially execute arbitrary code on the victim's system via specially crafted PDF files. (CVE-2007-0048 / CVE-2007-0045 / CVE-2009-2564 / CVE-2009-2979 / CVE-2009-2980 / CVE-2009-2981 / CVE-2009-2982 / CVE-2009-2983 / CVE-2009-2985 / CVE-2009-2986 / CVE-2009-2988 / CVE-2009-2990 / CVE-2009-2991 / CVE-2009-2992 / CVE-2009-2993 / CVE-2009-2994 / CVE-2009-2996 / CVE-2009-2997 / CVE-2009-2998 / CVE-2009-3431 / CVE-2009-3458 / CVE-2009-3459 / CVE-2009-3462)
    last seen 2019-02-21
    modified 2016-12-21
    plugin id 42251
    published 2009-10-26
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=42251
    title SuSE 11 Security Update : acroread_ja (SAT Patch Number 1424)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_ACROREAD-6582.NASL
    description Adobe Reader has been updated to fix numerous security vulnerabilities. Some of the vulnerabilities allowed attackers to potentially execute arbitrary code on the victim's system via specially crafted PDF files. (CVE-2007-0048 / CVE-2007-0045 / CVE-2009-2564 / CVE-2009-2979 / CVE-2009-2980 / CVE-2009-2981 / CVE-2009-2982 / CVE-2009-2983 / CVE-2009-2985 / CVE-2009-2986 / CVE-2009-2988 / CVE-2009-2990 / CVE-2009-2991 / CVE-2009-2992 / CVE-2009-2993 / CVE-2009-2994 / CVE-2009-2996 / CVE-2009-2997 / CVE-2009-2998 / CVE-2009-3431 / CVE-2009-3458 / CVE-2009-3459 / CVE-2009-3462)
    last seen 2019-02-21
    modified 2016-12-22
    plugin id 51693
    published 2011-01-27
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=51693
    title SuSE 10 Security Update : Acrobat Reader (ZYPP Patch Number 6582)
oval via4
accepted 2013-08-12T04:09:29.833-04:00
class vulnerability
contributors
  • name Chandan S
    organization SecPod Technologies
  • name Benjamin Marandel
    organization Marandel.net
  • name Shane Shaffer
    organization G2, Inc.
  • name Shane Shaffer
    organization G2, Inc.
  • name Sergey Artykhov
    organization ALTX-SOFT
  • name Sergey Artykhov
    organization ALTX-SOFT
  • name Sergey Artykhov
    organization ALTX-SOFT
  • name Shane Shaffer
    organization G2, Inc.
  • name Maria Kedovskaya
    organization ALTX-SOFT
  • name Maria Kedovskaya
    organization ALTX-SOFT
  • name Maria Kedovskaya
    organization ALTX-SOFT
  • name Maria Kedovskaya
    organization ALTX-SOFT
  • name Maria Mikhno
    organization ALTX-SOFT
definition_extensions
  • comment Adobe Reader 7 Series is installed
    oval oval:org.mitre.oval:def:6377
  • comment Adobe Reader 8 Series is installed
    oval oval:org.mitre.oval:def:6390
  • comment Adobe Reader 9 Series is installed
    oval oval:org.mitre.oval:def:6523
  • comment Adobe Acrobat 7 Series is installed
    oval oval:org.mitre.oval:def:6213
  • comment Adobe Acrobat 8 Series is installed
    oval oval:org.mitre.oval:def:6452
  • comment Adobe Acrobat 9 Series is installed
    oval oval:org.mitre.oval:def:6013
description Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 on Unix, when Debug mode is enabled, allow attackers to execute arbitrary code via unspecified vectors, related to a "format bug."
family windows
id oval:org.mitre.oval:def:6429
status deprecated
submitted 2009-10-23T03:25:55
title DEPRECATED: Adobe Reader and Acrobat 'format bug' remote arbitrary code execution
version 19
redhat via4
advisories
bugzilla
id 528666
title CVE-2009-2981 acroread: Trust Manager restrictions bypass fixed in 8.1.7 (APSB09-15)
oval
AND
  • comment Red Hat Enterprise Linux 5 is installed
    oval oval:com.redhat.rhsa:tst:20070055001
  • OR
    • AND
      • comment acroread is earlier than 0:8.1.7-1.el5
        oval oval:com.redhat.rhsa:tst:20091499002
      • comment acroread is signed with Red Hat redhatrelease key
        oval oval:com.redhat.rhsa:tst:20080144003
    • AND
      • comment acroread-plugin is earlier than 0:8.1.7-1.el5
        oval oval:com.redhat.rhsa:tst:20091499004
      • comment acroread-plugin is signed with Red Hat redhatrelease key
        oval oval:com.redhat.rhsa:tst:20080144005
rhsa
id RHSA-2009:1499
released 2009-10-14
severity Critical
title RHSA-2009:1499: acroread security update (Critical)
rpms
  • acroread-0:8.1.7-1.el5
  • acroread-plugin-0:8.1.7-1.el5
refmap via4
bid 36638
cert TA09-286B
confirm http://www.adobe.com/support/security/bulletins/apsb09-15.html
sectrack 1023007
vupen ADV-2009-2898
saint via4
bid 36638
description Adobe Acrobat Reader U3D CLODMeshContinuation Code Execution
id misc_acroread
osvdb 58926
title adobe_reader_u3d_clodmeshdeclaration
type client
Last major update 21-08-2010 - 01:35
Published 19-10-2009 - 18:30
Last modified 30-10-2018 - 12:25