CVE-2009-0658 (GCVE-0-2009-0658)
Vulnerability from cvelistv5 – Published: 2009-02-20 19:00 – Updated: 2024-08-07 04:40- n/a
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:40:05.123Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.shadowserver.org/wiki/pmwiki.php?n=Calendar.20090219"
},
{
"name": "34790",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34790"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.adobe.com/support/security/bulletins/apsb09-04.html"
},
{
"name": "8099",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/8099"
},
{
"name": "oval:org.mitre.oval:def:5697",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5697"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://isc.sans.org/diary.html?n\u0026storyid=5902"
},
{
"name": "TA09-051A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA09-051A.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.adobe.com/support/security/advisories/apsa09-01.html"
},
{
"name": "52073",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/52073"
},
{
"name": "34490",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34490"
},
{
"name": "33901",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/33901"
},
{
"name": "RHSA-2009:0376",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0376.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.symantec.com/security_response/writeup.jsp?docid=2009-021212-5523-99\u0026tabid=2"
},
{
"name": "34392",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34392"
},
{
"name": "SUSE-SA:2009:014",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00005.html"
},
{
"name": "34706",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34706"
},
{
"name": "ADV-2009-0472",
"tags": [
"third-party-advisory",
"x_refsource_FRSIRT",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/0472"
},
{
"name": "VU#905281",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/905281"
},
{
"name": "256788",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-256788-1"
},
{
"name": "33751",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/33751"
},
{
"name": "adobe-acrobat-reader-image-bo(48825)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48825"
},
{
"name": "1021739",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1021739"
},
{
"name": "8090",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/8090"
},
{
"name": "GLSA-200904-17",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200904-17.xml"
},
{
"name": "SUSE-SR:2009:009",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html"
},
{
"name": "ADV-2009-1019",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1019"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-02-19T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Adobe Reader 9.0 and earlier, and Acrobat 9.0 and earlier, allows remote attackers to execute arbitrary code via a crafted PDF document, related to a non-JavaScript function call and possibly an embedded JBIG2 image stream, as exploited in the wild in February 2009 by Trojan.Pidief.E."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-28T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.shadowserver.org/wiki/pmwiki.php?n=Calendar.20090219"
},
{
"name": "34790",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34790"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.adobe.com/support/security/bulletins/apsb09-04.html"
},
{
"name": "8099",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/8099"
},
{
"name": "oval:org.mitre.oval:def:5697",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5697"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://isc.sans.org/diary.html?n\u0026storyid=5902"
},
{
"name": "TA09-051A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA09-051A.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.adobe.com/support/security/advisories/apsa09-01.html"
},
{
"name": "52073",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/52073"
},
{
"name": "34490",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34490"
},
{
"name": "33901",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/33901"
},
{
"name": "RHSA-2009:0376",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0376.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.symantec.com/security_response/writeup.jsp?docid=2009-021212-5523-99\u0026tabid=2"
},
{
"name": "34392",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34392"
},
{
"name": "SUSE-SA:2009:014",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00005.html"
},
{
"name": "34706",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34706"
},
{
"name": "ADV-2009-0472",
"tags": [
"third-party-advisory",
"x_refsource_FRSIRT"
],
"url": "http://www.vupen.com/english/advisories/2009/0472"
},
{
"name": "VU#905281",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/905281"
},
{
"name": "256788",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-256788-1"
},
{
"name": "33751",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/33751"
},
{
"name": "adobe-acrobat-reader-image-bo(48825)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48825"
},
{
"name": "1021739",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1021739"
},
{
"name": "8090",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/8090"
},
{
"name": "GLSA-200904-17",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200904-17.xml"
},
{
"name": "SUSE-SR:2009:009",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html"
},
{
"name": "ADV-2009-1019",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1019"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-0658",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in Adobe Reader 9.0 and earlier, and Acrobat 9.0 and earlier, allows remote attackers to execute arbitrary code via a crafted PDF document, related to a non-JavaScript function call and possibly an embedded JBIG2 image stream, as exploited in the wild in February 2009 by Trojan.Pidief.E."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.shadowserver.org/wiki/pmwiki.php?n=Calendar.20090219",
"refsource": "MISC",
"url": "http://www.shadowserver.org/wiki/pmwiki.php?n=Calendar.20090219"
},
{
"name": "34790",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34790"
},
{
"name": "http://www.adobe.com/support/security/bulletins/apsb09-04.html",
"refsource": "CONFIRM",
"url": "http://www.adobe.com/support/security/bulletins/apsb09-04.html"
},
{
"name": "8099",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/8099"
},
{
"name": "oval:org.mitre.oval:def:5697",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5697"
},
{
"name": "http://isc.sans.org/diary.html?n\u0026storyid=5902",
"refsource": "MISC",
"url": "http://isc.sans.org/diary.html?n\u0026storyid=5902"
},
{
"name": "TA09-051A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA09-051A.html"
},
{
"name": "http://www.adobe.com/support/security/advisories/apsa09-01.html",
"refsource": "CONFIRM",
"url": "http://www.adobe.com/support/security/advisories/apsa09-01.html"
},
{
"name": "52073",
"refsource": "OSVDB",
"url": "http://osvdb.org/52073"
},
{
"name": "34490",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34490"
},
{
"name": "33901",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33901"
},
{
"name": "RHSA-2009:0376",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2009-0376.html"
},
{
"name": "http://www.symantec.com/security_response/writeup.jsp?docid=2009-021212-5523-99\u0026tabid=2",
"refsource": "MISC",
"url": "http://www.symantec.com/security_response/writeup.jsp?docid=2009-021212-5523-99\u0026tabid=2"
},
{
"name": "34392",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34392"
},
{
"name": "SUSE-SA:2009:014",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00005.html"
},
{
"name": "34706",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34706"
},
{
"name": "ADV-2009-0472",
"refsource": "FRSIRT",
"url": "http://www.vupen.com/english/advisories/2009/0472"
},
{
"name": "VU#905281",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/905281"
},
{
"name": "256788",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-256788-1"
},
{
"name": "33751",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/33751"
},
{
"name": "adobe-acrobat-reader-image-bo(48825)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48825"
},
{
"name": "1021739",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1021739"
},
{
"name": "8090",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/8090"
},
{
"name": "GLSA-200904-17",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200904-17.xml"
},
{
"name": "SUSE-SR:2009:009",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html"
},
{
"name": "ADV-2009-1019",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1019"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-0658",
"datePublished": "2009-02-20T19:00:00.000Z",
"dateReserved": "2009-02-20T00:00:00.000Z",
"dateUpdated": "2024-08-07T04:40:05.123Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2009-0658",
"date": "2026-05-29",
"epss": "0.92009",
"percentile": "0.99715"
},
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"7.0\", \"versionEndIncluding\": \"7.1.1\", \"matchCriteriaId\": \"C45837B4-F4F9-45DC-B324-48BD4AB51973\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"8.0\", \"versionEndIncluding\": \"8.1.4\", \"matchCriteriaId\": \"5C1BEE55-AAE2-4D61-9156-7E34692469C1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:acrobat:9.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5AA53564-9ACD-4CFB-9AAC-A77440026A57\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"7.0\", \"versionEndIncluding\": \"7.1.1\", \"matchCriteriaId\": \"4BB02266-8184-4A96-A1F0-66C9A3F0A329\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"8.0\", \"versionEndIncluding\": \"8.1.4\", \"matchCriteriaId\": \"07DD4484-A823-4B8B-8939-44A553E2FD63\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:acrobat_reader:9.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"562772F1-1627-438E-A6B8-7D1AA5536086\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"Buffer overflow in Adobe Reader 9.0 and earlier, and Acrobat 9.0 and earlier, allows remote attackers to execute arbitrary code via a crafted PDF document, related to a non-JavaScript function call and possibly an embedded JBIG2 image stream, as exploited in the wild in February 2009 by Trojan.Pidief.E.\"}, {\"lang\": \"es\", \"value\": \"Un desbordamiento del b\\u00fafer en Adobe Reader versi\\u00f3n 9.0 y anteriores, y Acrobat versi\\u00f3n 9.0 y anteriores, permite a los atacantes remotos ejecutar c\\u00f3digo arbitrario por medio de un documento PDF creado, relacionado con una llamada a una funci\\u00f3n que no sea JavaScript y posiblemente una secuencia de im\\u00e1genes del componente JBIG2 incrustada, tal como se explot\\u00f3 \\u201cin the wild\\u201d en febrero de 2009 por Trojan.Pidief.E.\"}]",
"id": "CVE-2009-0658",
"lastModified": "2024-11-21T01:00:37.893",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\", \"baseScore\": 7.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:C/I:C/A:C\", \"baseScore\": 9.3, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 8.6, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": true}]}",
"published": "2009-02-20T19:30:00.390",
"references": "[{\"url\": \"http://isc.sans.org/diary.html?n\u0026storyid=5902\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00005.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://osvdb.org/52073\", \"source\": \"cve@mitre.org\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://secunia.com/advisories/33901\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://secunia.com/advisories/34392\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://secunia.com/advisories/34490\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://secunia.com/advisories/34706\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://secunia.com/advisories/34790\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://security.gentoo.org/glsa/glsa-200904-17.xml\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://sunsolve.sun.com/search/document.do?assetkey=1-66-256788-1\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.adobe.com/support/security/advisories/apsa09-01.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.adobe.com/support/security/bulletins/apsb09-04.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.kb.cert.org/vuls/id/905281\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\", \"US Government Resource\"]}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2009-0376.html\", \"source\": 
\"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/33751\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securitytracker.com/id?1021739\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.shadowserver.org/wiki/pmwiki.php?n=Calendar.20090219\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.symantec.com/security_response/writeup.jsp?docid=2009-021212-5523-99\u0026tabid=2\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.us-cert.gov/cas/techalerts/TA09-051A.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\", \"US Government Resource\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2009/0472\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2009/1019\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/48825\", \"source\": \"cve@mitre.org\", \"tags\": [\"VDB Entry\"]}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5697\", \"source\": \"cve@mitre.org\", \"tags\": [\"Tool Signature\"]}, {\"url\": \"https://www.exploit-db.com/exploits/8090\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://www.exploit-db.com/exploits/8099\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://isc.sans.org/diary.html?n\u0026storyid=5902\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00005.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", 
\"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://osvdb.org/52073\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://secunia.com/advisories/33901\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://secunia.com/advisories/34392\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://secunia.com/advisories/34490\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://secunia.com/advisories/34706\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://secunia.com/advisories/34790\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://security.gentoo.org/glsa/glsa-200904-17.xml\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://sunsolve.sun.com/search/document.do?assetkey=1-66-256788-1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.adobe.com/support/security/advisories/apsa09-01.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.adobe.com/support/security/bulletins/apsb09-04.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.kb.cert.org/vuls/id/905281\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"US Government Resource\"]}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2009-0376.html\", \"source\": 
\"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/33751\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securitytracker.com/id?1021739\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.shadowserver.org/wiki/pmwiki.php?n=Calendar.20090219\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.symantec.com/security_response/writeup.jsp?docid=2009-021212-5523-99\u0026tabid=2\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.us-cert.gov/cas/techalerts/TA09-051A.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"US Government Resource\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2009/0472\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2009/1019\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/48825\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"VDB Entry\"]}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5697\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Tool Signature\"]}, {\"url\": \"https://www.exploit-db.com/exploits/8090\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://www.exploit-db.com/exploits/8099\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}]",
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-119\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2009-0658\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2009-02-20T19:30:00.390\",\"lastModified\":\"2026-04-23T00:35:47.467\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Buffer overflow in Adobe Reader 9.0 and earlier, and Acrobat 9.0 and earlier, allows remote attackers to execute arbitrary code via a crafted PDF document, related to a non-JavaScript function call and possibly an embedded JBIG2 image stream, as exploited in the wild in February 2009 by Trojan.Pidief.E.\"},{\"lang\":\"es\",\"value\":\"Un desbordamiento del b\u00fafer en Adobe Reader versi\u00f3n 9.0 y anteriores, y Acrobat versi\u00f3n 9.0 y anteriores, permite a los atacantes remotos ejecutar c\u00f3digo arbitrario por medio de un documento PDF creado, relacionado con una llamada a una funci\u00f3n que no sea JavaScript y posiblemente una secuencia de im\u00e1genes del componente JBIG2 incrustada, tal como se explot\u00f3 \u201cin the wild\u201d en febrero de 2009 por 
Trojan.Pidief.E.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:C/I:C/A:C\",\"baseScore\":9.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":8.6,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-119\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.0\",\"versionEndIncluding\":\"7.1.1\",\"matchCriteriaId\":\"C45837B4-F4F9-45DC-B324-48BD4AB51973\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.0\",\"versionEndIncluding\":\"8.1.4\",\"matchCriteriaId\":\"5C1BEE55-AAE2-4D61-9156-7E34692469C1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5AA53564-9ACD-4CFB-9AAC-A77440026A57\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*\",\"versionStartInclu
ding\":\"7.0\",\"versionEndIncluding\":\"7.1.1\",\"matchCriteriaId\":\"4BB02266-8184-4A96-A1F0-66C9A3F0A329\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.0\",\"versionEndIncluding\":\"8.1.4\",\"matchCriteriaId\":\"07DD4484-A823-4B8B-8939-44A553E2FD63\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"562772F1-1627-438E-A6B8-7D1AA5536086\"}]}]}],\"references\":[{\"url\":\"http://isc.sans.org/diary.html?n\u0026storyid=5902\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00005.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://osvdb.org/52073\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/33901\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/34392\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/34490\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/34706\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/34790\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://security.gentoo.org/glsa/glsa-200904-17.xml\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://sunsolve.sun.com/search/document.do?assetkey=1-66-256788-1\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party 
Advisory\"]},{\"url\":\"http://www.adobe.com/support/security/advisories/apsa09-01.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.adobe.com/support/security/bulletins/apsb09-04.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.kb.cert.org/vuls/id/905281\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2009-0376.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/33751\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id?1021739\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.shadowserver.org/wiki/pmwiki.php?n=Calendar.20090219\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.symantec.com/security_response/writeup.jsp?docid=2009-021212-5523-99\u0026tabid=2\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA09-051A.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"http://www.vupen.com/english/advisories/2009/0472\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2009/1019\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/48825\",\"source\":\"cve@mitre.org\",\"tags\":[\"VDB Entry\"]},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5697\",\"source\":\"cve@mitre.org\",\"tags\":[\"Tool Signature\"]},{\"url\":\"https://www.exploit-db.com/exploits/8090\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB 
Entry\"]},{\"url\":\"https://www.exploit-db.com/exploits/8099\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://isc.sans.org/diary.html?n\u0026storyid=5902\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00005.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://osvdb.org/52073\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/33901\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/34392\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/34490\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/34706\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/34790\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://security.gentoo.org/glsa/glsa-200904-17.xml\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://sunsolve.sun.com/search/document.do?assetkey=1-66-256788-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.adobe.com/support/security/advisories/apsa09-01.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor 
Advisory\"]},{\"url\":\"http://www.adobe.com/support/security/bulletins/apsb09-04.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.kb.cert.org/vuls/id/905281\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2009-0376.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/33751\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id?1021739\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.shadowserver.org/wiki/pmwiki.php?n=Calendar.20090219\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.symantec.com/security_response/writeup.jsp?docid=2009-021212-5523-99\u0026tabid=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA09-051A.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"http://www.vupen.com/english/advisories/2009/0472\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2009/1019\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/48825\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"VDB Entry\"]},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5697\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Tool 
Signature\"]},{\"url\":\"https://www.exploit-db.com/exploits/8090\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://www.exploit-db.com/exploits/8099\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]}]}}"
}
}
CERTA-2009-ALE-001
Vulnerability from certfr_alerte - Published: - Updated:
Une vulnérabilité dans les produits Adobe permet à un utilisateur malveillant d'exécuter du code arbitraire à distance.
Description
Une erreur dans les produits Adobe relative à l'interprétation des objets encodés au format JBIG2 dans des fichiers PDF permet à un utilisateur de provoquer inopinément l'arrêt du logiciel (crash).
Elle permet également l'exécution de code arbitraire sur le système vulnérable avec les droits de l'utilisateur.
L'exploitation de la vulnérabilité ne nécessite pas nécessairement :
- l'intervention de l'utilisateur ;
- l'activation ou la désactivation du support Adobe JavaScript.
Certains codes d'exploitation circulant actuellement sur l'Internet sont reconnus par des antivirus sous divers noms : Trojan.Pidief.E, Bloodhound.PDF-6 (Symantec), Exploit-PDF.i (NAI, McAfee)...
L'application Adobe installe une extension permettant à l'explorateur de fichiers de Microsoft Windows de réaliser un aperçu des fichiers au format PDF. De ce fait, la vulnérabilité peut également être exploitée par les méthodes suivantes :
- lors de la sélection d'un fichier PDF exploitant cette vulnérabilité ;
- lors de l'exploration d'un répertoire avec un affichage en mode miniature des icônes.
De plus, il semblerait que cette vulnérabilité puisse être exploitée lors de l'affichage de l'infobulle liée à un fichier PDF malveillant dont les méta-données ont été spécialement construites.
Enfin, l'utilisation de services d'indexation automatique (comme WIS, Windows Indexing Services) pourrait déclencher l'exploitation de la vulnérabilité sur un fichier présent sur l'espace de stockage sans intervention particulière de l'utilisateur.
Contournement provisoire
L'éditeur Adobe annonce qu'un correctif pour la version 9.x sera disponible le 11 mars 2009.
[11 mars 2009] : L'éditeur a mis à disposition un correctif de sécurité pour les versions 9 de Adobe Reader et Acrobat. Se référer au bulletin de sécurité Adobe apsb09-03 du 10 mars 2009 pour l'obtention des correctifs (cf. section Documentation).
[20 mars 2009] : L'éditeur a mis à disposition un correctif de sécurité pour les versions 8 et 7 de Adobe Reader et Acrobat. Se référer au bulletin de sécurité Adobe apsb09-04 du 18 mars 2009 pour l'obtention des correctifs (cf. section Documentation).
Dans l'attente d'un correctif de l'éditeur, plusieurs mesures peuvent diminuer les risques :
- utiliser un lecteur alternatif à jour. Certains peuvent fermer inopinément à l'ouverture d'un document PDF malveillant mais l'exploitation de la vulnérabilité pour exécuter du code arbitraire n'est pas, à la date de rédaction de ce bulletin, avérée ;
- pour gêner certains codes d'exploitation, désactiver le JavaScript dans les lecteurs PDF Adobe et ne l'activer qu'en cas de stricte nécessité. Cette mesure s'effectue directement dans l'interface de configuration de l'application ou en mettant à 0, pour les systèmes Windows uniquement, la valeur de la variable bEnableJS qui se trouve :
  - pour Adobe Reader dans : HCU\Software\Adobe\Acrobat Reader\<version>.0\JSPrefs
  - pour Adobe Acrobat dans : HCU\Software\Adobe\Adobe Acrobat\<version>.0\JSPrefs
  (NOTE : « HCU » désigne vraisemblablement la ruche HKEY_CURRENT_USER, abrégée HKCU par les outils Windows ; le réglage est donc propre à chaque profil utilisateur.)
- mettre les pièces jointes au format PDF en quarantaine dans l'attente du correctif.
Par ailleurs, de bonnes pratiques permettent d'atténuer les impacts :
- n'ouvrir que les documents au format PDF provenant d'une source de confiance ;
- travailler avec un compte aux droits limités.
Afin de limiter l'impact d'un fichier PDF spécialement construit dans le contexte de l'explorateur de fichiers de Microsoft Windows, le contournement suivant peut être appliqué :
- Après l'avoir sauvegardée, supprimer de la base de registre la clé : HKEY_CLASSES_ROOT\CLSID\{F9DB5320-233E-11D1-9F84-707F02C10627}
Exemple d'application avec un interpréteur de commandes sous Microsoft Windows :
regsvr32 /u "c:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.dll"
ou encore :
reg export HKCR\CLSID\{F9DB5320-233E-11D1-9F84-707F02C10627} .\export.reg
reg delete HKCR\CLSID\{F9DB5320-233E-11D1-9F84-707F02C10627}
Solution
Se référer aux bulletins de sécurité Adobe APSB09-03 et APSB09-04 publiés le 10 et le 18 mars respectivement pour l'obtention des correctifs (cf. section Documentation). Le CERTA a émis l'avis CERTA-2009-AVI-094 à ce sujet.
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Adobe Acrobat Standard, Pro et Pro Extended, versions 9.x, 8.x et 7.x.",
"product": {
"name": "Acrobat",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Adobe Reader versions 9.x, 8.x et 7.x ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Adobe",
"scada": false
}
}
}
],
"affected_systems_content": null,
"closed_at": "2009-03-20",
"content": "## Description\n\nUne erreur dans les produits Adobe relative \u00e0 l\u0027interpr\u00e9tation des\nobjets encod\u00e9s au format JBIG2 dans des fichiers PDF permet \u00e0 un\nutilisateur de provoquer inopin\u00e9ment l\u0027arr\u00eat du logiciel (crash).\n\nElle permet \u00e9galement l\u0027ex\u00e9cution de code arbitraire sur le syst\u00e8me\nvuln\u00e9rable avec les droits de l\u0027utilisateur.\n\nL\u0027exploitation de la vuln\u00e9rabilit\u00e9 ne n\u00e9cessite pas n\u00e9cessairement\u00a0:\n\n- l\u0027intervention de l\u0027utilisateur ;\n- l\u0027activation ou la d\u00e9sactivation du support Adobe JavaScript.\n\n \n \n\nCertains codes d\u0027exploitation circulant actuellement sur l\u0027Internet sont\nreconnus par des antivirus sous divers noms\u00a0: Trojan.Pidief.E,\nBloodhound.PDF-6 (Symantec), Exploit-PDF.i (NAI, Mac Afee)...\n\n \n \n\nL\u0027application Adobe installe une extension permettant \u00e0 l\u0027explorateur de\nfichiers de Microsoft Windows de r\u00e9aliser un aper\u00e7u des fichiers au\nformat PDF. 
De ce fait, la vuln\u00e9rabilit\u00e9 peut \u00e9galement \u00eatre exploit\u00e9e\npar les m\u00e9thodes suivantes :\n\n- lors de la s\u00e9lection d\u0027un fichier PDF exploitant cette vuln\u00e9rabilit\u00e9\n ;\n- lors de l\u0027exploration d\u0027un r\u00e9pertoire avec un affichage en mode\n miniature des ic\u00f4nes.\n\nDe plus, il semblerait que cette vuln\u00e9rabilit\u00e9 puisse \u00eatre exploit\u00e9e\nlors de l\u0027affichage de l\u0027infobulle li\u00e9 \u00e0 un fichier PDF malveillant dont\nles m\u00e9ta-donn\u00e9es ont \u00e9t\u00e9 sp\u00e9cialement construites.\n\nEnfin, l\u0027utilisation de services d\u0027indexation automatique (comme WIS,\nWindows Indexing Services) pourrait d\u00e9clencher l\u0027exploitation de la\nvuln\u00e9rabilit\u00e9 sur un fichier pr\u00e9sent sur l\u0027espace de stockage sans\nintervention particuli\u00e8re de l\u0027utilisateur.\n\n## Contournement provisoire\n\nL\u0027\u00e9diteur Adobe annonce qu\u0027un correctif pour la version 9.x sera\ndisponible le 11 mars 2009.\n\n\u003cspan class=\"textbf\"\u003e\\[11 mars 2009\\]\u003c/span\u003e : L\u0027\u00e9diteur a mis \u00e0\ndisposition un correctif de s\u00e9curit\u00e9 pour les versions 9 de Adobe Reader\net Acrobat. Se r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 Adobe apsb09-03 du 10\nmars 2009 pour l\u0027obtention des correctifs (cf. section Documentation).\n\n\u003cspan class=\"textbf\"\u003e\\[20 mars 2009\\]\u003c/span\u003e : L\u0027\u00e9diteur a mis \u00e0\ndisposition un correctif de s\u00e9curit\u00e9 pour les versions 8 et 7 de Adobe\nReader et Acrobat. Se r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 Adobe apsb09-04 du\n18 mars 2009 pour l\u0027obtention des correctifs (cf. section\nDocumentation).\n\nDans l\u0027attente d\u0027un correctif de l\u0027\u00e9diteur, plusieurs mesures peuvent\ndiminuer les risques :\n\n- utiliser un lecteur alternatif \u00e0 jour. 
Certains peuvent fermer\n inopin\u00e9ment \u00e0 l\u0027ouverture d\u0027un document PDF malveillant mais\n l\u0027exploitation de la vuln\u00e9rabilit\u00e9 pour ex\u00e9cuter du code arbitraire\n n\u0027est pas, \u00e0 la date de r\u00e9daction de ce bulletin, av\u00e9r\u00e9e\u00a0;\n\n- pour g\u00eaner certains codes d\u0027exploitation, d\u00e9sactiver le Javascript\n dans les lecteur PDF Adobe et ne l\u0027activer qu\u0027en cas de stricte\n n\u00e9cessit\u00e9. Cette mesure s\u0027effectue directement dans l\u0027interface de\n configuration de l\u0027application ou en mettant \u00e0 0, pour les syst\u00e8mes\n Windows uniquement, la valeur de la variable bEnableJS qui se\n trouve\u00a0:\n\n pour Adobe Reader dans :\n HCU\\Software\\Adobe\\Acrobat Reader\\\u003cversion\u003e.0\\JSPrefs\n pour Adobe Acrobat dans :\n HCU\\Software\\Adobe\\Adobe Acrobat\\\u003cversion\u003e.0\\JSPrefs\n\n- mettre les pi\u00e8ces jointes au format PDF en quarantaine dans\n l\u0027attente du correctif.\n\nPar ailleurs, de bonnes pratiques permettent d\u0027att\u00e9nuer les impacts\u00a0:\n\n- n\u0027ouvrir que les documents au format PDF provenant d\u0027une source de\n confiance\u00a0;\n- travailler avec un compte aux droits limit\u00e9s.\n\n \n\nAfin de limiter l\u0027impact d\u0027un fichier PDF sp\u00e9cialement construit dans le\ncontexte de l\u0027explorateur de fichiers de Microsoft Windows, le\ncontournement suivant peut \u00eatre appliqu\u00e9 :\n\n- Apr\u00e8s l\u0027avoir sauvegard\u00e9e, supprimer de la base de registre la cl\u00e9\n : \n `HKEY_CLASSES_ROOT\\CLSID\\{F9DB5320-233E-11D1-9F84-707F02C10627}`\n\nExemple d\u0027application avec un interpr\u00e9teur de commandes sous Microsoft\nWindows :\n\n regsvr32 /u ``c:\\Program Files\\Fichiers communs\\Adobe\\Acrobat\\ActiveX\\PDFShell.dll\u0027\u0027\n\nou encore :\n\n reg export HKCR\\CLSID\\{F9DB5320-233E-11D1-9F84-707F02C10627} .\\export.reg\n reg delete HKCR\\CLSID\\{F9DB5320-233E-11D1-9F84-707F02C10627}\n\n## 
Solution\n\nSe r\u00e9f\u00e9rer aux bulletins de s\u00e9curit\u00e9 Adobe APSB09-03 et APSB09-04\npubli\u00e9s le 10 et le 18 mars respectivement pour l\u0027obtention des\ncorrectifs (cf. section Documentation). Le CERTA a \u00e9mis l\u0027avis\nCERTA-2009-AVI-094 \u00e0 ce sujet.\n",
"cves": [
{
"name": "CVE-2009-0658",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-0658"
}
],
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 du CERTA CERTA-2009-AVI-094 du 11 mars 2009\u00a0:",
"url": "http://www.certa.ssi.gouv.fr/site/CERTA-2009-AVI-094/"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Adobe apsa09-01 du 19 f\u00e9vrier 2009 :",
"url": "http://www.adobe.com/support/security/advisories/apsa09-01.html"
},
{
"title": "Bulletin d\u0027actualit\u00e9 CERTA-2009-ACT-008, \u00ab Vuln\u00e9rabilit\u00e9 non corrig\u00e9e dans Adobe Reader \u00bb\u00a0:",
"url": "http://www.certa.ssi.gouv.fr/site/CERTA-2009-ACT-008.pdf"
},
{
"title": "Bulletin d\u0027actualit\u00e9 CERTA-2009-ACT-010, \u00ab Retour sur la vuln\u00e9rabilit\u00e9 PDF \u00bb\u00a0:",
"url": "http://www.certa.ssi.gouv.fr/site/CERTA-2009-ACT-010.pdf"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Adobe apsb09-03 du 10 mars 2009 :",
"url": "http://www.adobe.com/support/security/bulletins/apsb09-03.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Adobe apsb09-04 du 18 mars 2009\u00a0:",
"url": "http://www.adobe.com/support/security/bulletins/apsb09-04.html"
},
{
"title": "Bulletin d\u0027actualit\u00e9 CERTA-2009-ACT-009, \u00ab Retour sur l\u0027alerte CERTA-2009-ALE-001 concernant Adobe \u00bb\u00a0:",
"url": "http://www.certa.ssi.gouv.fr/site/CERTA-2009-ACT-009.pdf"
}
],
"reference": "CERTA-2009-ALE-001",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2009-02-20T00:00:00.000000"
},
{
"description": "ajout des cl\u00e9s de registre pour la d\u00e9sactivation de l\u0027interpr\u00e9tation JS par GPO.",
"revision_date": "2009-02-23T00:00:00.000000"
},
{
"description": "mise \u00e0 jour de la section \u00abDescription\u00bb et de la section \u00abContournement provisoire\u00bb.",
"revision_date": "2009-03-06T00:00:00.000000"
},
{
"description": "ajout des r\u00e9f\u00e9rences aux bulletins d\u0027actualit\u00e9 du CERTA.",
"revision_date": "2009-03-10T00:00:00.000000"
},
{
"description": "ajout des r\u00e9f\u00e9rences aux bulletins de s\u00e9curit\u00e9 d\u0027Adobe et du CERTA.",
"revision_date": "2009-03-11T00:00:00.000000"
},
{
"description": "ajout des r\u00e9f\u00e9rences au dernier bulletin de s\u00e9curit\u00e9 d\u0027Adobe APSB09-04.",
"revision_date": "2009-03-20T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
}
],
"summary": "Une vuln\u00e9rabilit\u00e9 dans les produits Adobe permet \u00e0 un utilisateur\nmalveillant d\u0027ex\u00e9cuter du code arbitraire \u00e0 distance.\n",
"title": "Vuln\u00e9rabilit\u00e9 dans l\u0027interpr\u00e9tation JBIG2 des produits Adobe",
"vendor_advisories": [
{
"published_at": null,
"title": "Avis de s\u00e9curit\u00e9 Adobe APSA09-01 du 19 f\u00e9vrier 2009",
"url": null
}
]
}
CERTA-2009-ALE-001
Vulnerability from certfr_alerte - Published: - Updated:
Une vulnérabilité dans les produits Adobe permet à un utilisateur malveillant d'exécuter du code arbitraire à distance.
Description
Une erreur dans les produits Adobe relative à l'interprétation des objets encodés au format JBIG2 dans des fichiers PDF permet à un utilisateur de provoquer inopinément l'arrêt du logiciel (crash).
Elle permet également l'exécution de code arbitraire sur le système vulnérable avec les droits de l'utilisateur.
L'exploitation de la vulnérabilité ne nécessite pas nécessairement :
- l'intervention de l'utilisateur ;
- l'activation ou la désactivation du support Adobe JavaScript.
Certains codes d'exploitation circulant actuellement sur l'Internet sont reconnus par des antivirus sous divers noms : Trojan.Pidief.E, Bloodhound.PDF-6 (Symantec), Exploit-PDF.i (NAI, McAfee)...
L'application Adobe installe une extension permettant à l'explorateur de fichiers de Microsoft Windows de réaliser un aperçu des fichiers au format PDF. De ce fait, la vulnérabilité peut également être exploitée par les méthodes suivantes :
- lors de la sélection d'un fichier PDF exploitant cette vulnérabilité ;
- lors de l'exploration d'un répertoire avec un affichage en mode miniature des icônes.
De plus, il semblerait que cette vulnérabilité puisse être exploitée lors de l'affichage de l'infobulle liée à un fichier PDF malveillant dont les méta-données ont été spécialement construites.
Enfin, l'utilisation de services d'indexation automatique (comme WIS, Windows Indexing Services) pourrait déclencher l'exploitation de la vulnérabilité sur un fichier présent sur l'espace de stockage sans intervention particulière de l'utilisateur.
Contournement provisoire
L'éditeur Adobe annonce qu'un correctif pour la version 9.x sera disponible le 11 mars 2009.
[11 mars 2009] : L'éditeur a mis à disposition un correctif de sécurité pour les versions 9 de Adobe Reader et Acrobat. Se référer au bulletin de sécurité Adobe apsb09-03 du 10 mars 2009 pour l'obtention des correctifs (cf. section Documentation).
[20 mars 2009] : L'éditeur a mis à disposition un correctif de sécurité pour les versions 8 et 7 de Adobe Reader et Acrobat. Se référer au bulletin de sécurité Adobe apsb09-04 du 18 mars 2009 pour l'obtention des correctifs (cf. section Documentation).
Dans l'attente d'un correctif de l'éditeur, plusieurs mesures peuvent diminuer les risques :
- utiliser un lecteur alternatif à jour. Certains peuvent fermer inopinément à l'ouverture d'un document PDF malveillant mais l'exploitation de la vulnérabilité pour exécuter du code arbitraire n'est pas, à la date de rédaction de ce bulletin, avérée ;
- pour gêner certains codes d'exploitation, désactiver le JavaScript dans les lecteurs PDF Adobe et ne l'activer qu'en cas de stricte nécessité. Cette mesure s'effectue directement dans l'interface de configuration de l'application ou en mettant à 0, pour les systèmes Windows uniquement, la valeur de la variable bEnableJS qui se trouve :
  - pour Adobe Reader dans : HCU\Software\Adobe\Acrobat Reader\<version>.0\JSPrefs
  - pour Adobe Acrobat dans : HCU\Software\Adobe\Adobe Acrobat\<version>.0\JSPrefs
  (NOTE : « HCU » désigne vraisemblablement la ruche HKEY_CURRENT_USER, abrégée HKCU par les outils Windows ; le réglage est donc propre à chaque profil utilisateur.)
- mettre les pièces jointes au format PDF en quarantaine dans l'attente du correctif.
Par ailleurs, de bonnes pratiques permettent d'atténuer les impacts :
- n'ouvrir que les documents au format PDF provenant d'une source de confiance ;
- travailler avec un compte aux droits limités.
Afin de limiter l'impact d'un fichier PDF spécialement construit dans le contexte de l'explorateur de fichiers de Microsoft Windows, le contournement suivant peut être appliqué :
- Après l'avoir sauvegardée, supprimer de la base de registre la clé : HKEY_CLASSES_ROOT\CLSID\{F9DB5320-233E-11D1-9F84-707F02C10627}
Exemple d'application avec un interpréteur de commandes sous Microsoft Windows :
regsvr32 /u "c:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.dll"
ou encore :
reg export HKCR\CLSID\{F9DB5320-233E-11D1-9F84-707F02C10627} .\export.reg
reg delete HKCR\CLSID\{F9DB5320-233E-11D1-9F84-707F02C10627}
Solution
Se référer aux bulletins de sécurité Adobe APSB09-03 et APSB09-04 publiés le 10 et le 18 mars respectivement pour l'obtention des correctifs (cf. section Documentation). Le CERTA a émis l'avis CERTA-2009-AVI-094 à ce sujet.
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Adobe Acrobat Standard, Pro et Pro Extended, versions 9.x, 8.x et 7.x.",
"product": {
"name": "Acrobat",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Adobe Reader versions 9.x, 8.x et 7.x ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Adobe",
"scada": false
}
}
}
],
"affected_systems_content": null,
"closed_at": "2009-03-20",
"content": "## Description\n\nUne erreur dans les produits Adobe relative \u00e0 l\u0027interpr\u00e9tation des\nobjets encod\u00e9s au format JBIG2 dans des fichiers PDF permet \u00e0 un\nutilisateur de provoquer inopin\u00e9ment l\u0027arr\u00eat du logiciel (crash).\n\nElle permet \u00e9galement l\u0027ex\u00e9cution de code arbitraire sur le syst\u00e8me\nvuln\u00e9rable avec les droits de l\u0027utilisateur.\n\nL\u0027exploitation de la vuln\u00e9rabilit\u00e9 ne n\u00e9cessite pas n\u00e9cessairement\u00a0:\n\n- l\u0027intervention de l\u0027utilisateur ;\n- l\u0027activation ou la d\u00e9sactivation du support Adobe JavaScript.\n\n \n \n\nCertains codes d\u0027exploitation circulant actuellement sur l\u0027Internet sont\nreconnus par des antivirus sous divers noms\u00a0: Trojan.Pidief.E,\nBloodhound.PDF-6 (Symantec), Exploit-PDF.i (NAI, Mac Afee)...\n\n \n \n\nL\u0027application Adobe installe une extension permettant \u00e0 l\u0027explorateur de\nfichiers de Microsoft Windows de r\u00e9aliser un aper\u00e7u des fichiers au\nformat PDF. 
De ce fait, la vuln\u00e9rabilit\u00e9 peut \u00e9galement \u00eatre exploit\u00e9e\npar les m\u00e9thodes suivantes :\n\n- lors de la s\u00e9lection d\u0027un fichier PDF exploitant cette vuln\u00e9rabilit\u00e9\n ;\n- lors de l\u0027exploration d\u0027un r\u00e9pertoire avec un affichage en mode\n miniature des ic\u00f4nes.\n\nDe plus, il semblerait que cette vuln\u00e9rabilit\u00e9 puisse \u00eatre exploit\u00e9e\nlors de l\u0027affichage de l\u0027infobulle li\u00e9 \u00e0 un fichier PDF malveillant dont\nles m\u00e9ta-donn\u00e9es ont \u00e9t\u00e9 sp\u00e9cialement construites.\n\nEnfin, l\u0027utilisation de services d\u0027indexation automatique (comme WIS,\nWindows Indexing Services) pourrait d\u00e9clencher l\u0027exploitation de la\nvuln\u00e9rabilit\u00e9 sur un fichier pr\u00e9sent sur l\u0027espace de stockage sans\nintervention particuli\u00e8re de l\u0027utilisateur.\n\n## Contournement provisoire\n\nL\u0027\u00e9diteur Adobe annonce qu\u0027un correctif pour la version 9.x sera\ndisponible le 11 mars 2009.\n\n\u003cspan class=\"textbf\"\u003e\\[11 mars 2009\\]\u003c/span\u003e : L\u0027\u00e9diteur a mis \u00e0\ndisposition un correctif de s\u00e9curit\u00e9 pour les versions 9 de Adobe Reader\net Acrobat. Se r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 Adobe apsb09-03 du 10\nmars 2009 pour l\u0027obtention des correctifs (cf. section Documentation).\n\n\u003cspan class=\"textbf\"\u003e\\[20 mars 2009\\]\u003c/span\u003e : L\u0027\u00e9diteur a mis \u00e0\ndisposition un correctif de s\u00e9curit\u00e9 pour les versions 8 et 7 de Adobe\nReader et Acrobat. Se r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 Adobe apsb09-04 du\n18 mars 2009 pour l\u0027obtention des correctifs (cf. section\nDocumentation).\n\nDans l\u0027attente d\u0027un correctif de l\u0027\u00e9diteur, plusieurs mesures peuvent\ndiminuer les risques :\n\n- utiliser un lecteur alternatif \u00e0 jour. 
Certains peuvent fermer\n inopin\u00e9ment \u00e0 l\u0027ouverture d\u0027un document PDF malveillant mais\n l\u0027exploitation de la vuln\u00e9rabilit\u00e9 pour ex\u00e9cuter du code arbitraire\n n\u0027est pas, \u00e0 la date de r\u00e9daction de ce bulletin, av\u00e9r\u00e9e\u00a0;\n\n- pour g\u00eaner certains codes d\u0027exploitation, d\u00e9sactiver le Javascript\n dans les lecteur PDF Adobe et ne l\u0027activer qu\u0027en cas de stricte\n n\u00e9cessit\u00e9. Cette mesure s\u0027effectue directement dans l\u0027interface de\n configuration de l\u0027application ou en mettant \u00e0 0, pour les syst\u00e8mes\n Windows uniquement, la valeur de la variable bEnableJS qui se\n trouve\u00a0:\n\n pour Adobe Reader dans :\n HCU\\Software\\Adobe\\Acrobat Reader\\\u003cversion\u003e.0\\JSPrefs\n pour Adobe Acrobat dans :\n HCU\\Software\\Adobe\\Adobe Acrobat\\\u003cversion\u003e.0\\JSPrefs\n\n- mettre les pi\u00e8ces jointes au format PDF en quarantaine dans\n l\u0027attente du correctif.\n\nPar ailleurs, de bonnes pratiques permettent d\u0027att\u00e9nuer les impacts\u00a0:\n\n- n\u0027ouvrir que les documents au format PDF provenant d\u0027une source de\n confiance\u00a0;\n- travailler avec un compte aux droits limit\u00e9s.\n\n \n\nAfin de limiter l\u0027impact d\u0027un fichier PDF sp\u00e9cialement construit dans le\ncontexte de l\u0027explorateur de fichiers de Microsoft Windows, le\ncontournement suivant peut \u00eatre appliqu\u00e9 :\n\n- Apr\u00e8s l\u0027avoir sauvegard\u00e9e, supprimer de la base de registre la cl\u00e9\n : \n `HKEY_CLASSES_ROOT\\CLSID\\{F9DB5320-233E-11D1-9F84-707F02C10627}`\n\nExemple d\u0027application avec un interpr\u00e9teur de commandes sous Microsoft\nWindows :\n\n regsvr32 /u ``c:\\Program Files\\Fichiers communs\\Adobe\\Acrobat\\ActiveX\\PDFShell.dll\u0027\u0027\n\nou encore :\n\n reg export HKCR\\CLSID\\{F9DB5320-233E-11D1-9F84-707F02C10627} .\\export.reg\n reg delete HKCR\\CLSID\\{F9DB5320-233E-11D1-9F84-707F02C10627}\n\n## 
Solution\n\nSe r\u00e9f\u00e9rer aux bulletins de s\u00e9curit\u00e9 Adobe APSB09-03 et APSB09-04\npubli\u00e9s le 10 et le 18 mars respectivement pour l\u0027obtention des\ncorrectifs (cf. section Documentation). Le CERTA a \u00e9mis l\u0027avis\nCERTA-2009-AVI-094 \u00e0 ce sujet.\n",
"cves": [
{
"name": "CVE-2009-0658",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-0658"
}
],
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 du CERTA CERTA-2009-AVI-094 du 11 mars 2009\u00a0:",
"url": "http://www.certa.ssi.gouv.fr/site/CERTA-2009-AVI-094/"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Adobe apsa09-01 du 19 f\u00e9vrier 2009 :",
"url": "http://www.adobe.com/support/security/advisories/apsa09-01.html"
},
{
"title": "Bulletin d\u0027actualit\u00e9 CERTA-2009-ACT-008, \u00ab Vuln\u00e9rabilit\u00e9 non corrig\u00e9e dans Adobe Reader \u00bb\u00a0:",
"url": "http://www.certa.ssi.gouv.fr/site/CERTA-2009-ACT-008.pdf"
},
{
"title": "Bulletin d\u0027actualit\u00e9 CERTA-2009-ACT-010, \u00ab Retour sur la vuln\u00e9rabilit\u00e9 PDF \u00bb\u00a0:",
"url": "http://www.certa.ssi.gouv.fr/site/CERTA-2009-ACT-010.pdf"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Adobe apsb09-03 du 10 mars 2009 :",
"url": "http://www.adobe.com/support/security/bulletins/apsb09-03.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Adobe apsb09-04 du 18 mars 2009\u00a0:",
"url": "http://www.adobe.com/support/security/bulletins/apsb09-04.html"
},
{
"title": "Bulletin d\u0027actualit\u00e9 CERTA-2009-ACT-009, \u00ab Retour sur l\u0027alerte CERTA-2009-ALE-001 concernant Adobe \u00bb\u00a0:",
"url": "http://www.certa.ssi.gouv.fr/site/CERTA-2009-ACT-009.pdf"
}
],
"reference": "CERTA-2009-ALE-001",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2009-02-20T00:00:00.000000"
},
{
"description": "ajout des cl\u00e9s de registre pour la d\u00e9sactivation de l\u0027interpr\u00e9tation JS par GPO.",
"revision_date": "2009-02-23T00:00:00.000000"
},
{
"description": "mise \u00e0 jour de la section \u00abDescription\u00bb et de la section \u00abContournement provisoire\u00bb.",
"revision_date": "2009-03-06T00:00:00.000000"
},
{
"description": "ajout des r\u00e9f\u00e9rences aux bulletins d\u0027actualit\u00e9 du CERTA.",
"revision_date": "2009-03-10T00:00:00.000000"
},
{
"description": "ajout des r\u00e9f\u00e9rences aux bulletins de s\u00e9curit\u00e9 d\u0027Adobe et du CERTA.",
"revision_date": "2009-03-11T00:00:00.000000"
},
{
"description": "ajout des r\u00e9f\u00e9rences au dernier bulletin de s\u00e9curit\u00e9 d\u0027Adobe APSB09-04.",
"revision_date": "2009-03-20T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
}
],
"summary": "Une vuln\u00e9rabilit\u00e9 dans les produits Adobe permet \u00e0 un utilisateur\nmalveillant d\u0027ex\u00e9cuter du code arbitraire \u00e0 distance.\n",
"title": "Vuln\u00e9rabilit\u00e9 dans l\u0027interpr\u00e9tation JBIG2 des produits Adobe",
"vendor_advisories": [
{
"published_at": null,
"title": "Avis de s\u00e9curit\u00e9 Adobe APSA09-01 du 19 f\u00e9vrier 2009",
"url": null
}
]
}
CERTA-2009-AVI-094
Vulnerability from certfr_avis - Published: - Updated:
Une vulnérabilité dans l'interprétation des documents PDF par différents lecteurs permet à un utilisateur malveillant d'exécuter du code arbitraire à distance.
Description
Une erreur dans différents produits relative à l'interprétation des objets encodés au format JBIG2 dans des fichiers PDF permet à un utilisateur de provoquer l'arrêt du logiciel (crash).
Elle permet également l'exécution de code arbitraire sur le système vulnérable avec les droits de l'utilisateur.
L'exploitation de la vulnérabilité ne nécessite pas nécessairement :
- l'intervention de l'utilisateur ;
- l'activation ou la désactivation du support du langage JavaScript.
Certains codes d'exploitation circulant actuellement sur l'Internet sont reconnus par des antivirus sous divers noms : Trojan.Pidief.E, Bloodhound.PDF-6 (Symantec), Exploit-PDF.i (NAI, McAfee)...
Certains lecteurs PDF installent une extension permettant à l'explorateur de fichiers de Microsoft Windows de réaliser un aperçu des fichiers au format PDF. De ce fait, la vulnérabilité peut également être exploitée par les méthodes suivantes :
- lors de la sélection d'un fichier PDF exploitant cette vulnérabilité ;
- lors de l'exploration d'un répertoire avec un affichage en mode miniature des icônes.
De plus, il semblerait que cette vulnérabilité puisse être exploitée lors de l'affichage de l'infobulle liée à un fichier PDF malveillant dont les méta-données ont été spécialement construites.
Enfin, l'utilisation de services d'indexation automatique (comme WIS, Windows Indexing Services) pourrait déclencher l'exploitation de la vulnérabilité sur un fichier présent sur l'espace de stockage sans intervention particulière de l'utilisateur.
Solution
Se référer à la documentation des éditeurs afin d'obtenir les correctifs (cf. Documentation).
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Adobe Reader versions 9.x, 8.x et 7.x ;",
"product": {
"name": "PDF Reader",
"vendor": {
"name": "Foxit",
"scada": false
}
}
},
{
"description": "Xpdf versions ant\u00e9rieures \u00e0 la mise \u00e0 jour 3.02pl3.",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "Adobe Acrobat Standard, Pro et Pro Extended, versions 9.x, 8.x et 7.x.",
"product": {
"name": "Acrobat",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "KDE versions ant\u00e9rieures \u00e0 la version 3.4.5-12 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Foxit",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Description\n\nUne erreur dans diff\u00e9rents produits relative \u00e0 l\u0027interpr\u00e9tation des\nobjets encod\u00e9s au format JBIG2 dans des fichiers PDF permet \u00e0 un\nutilisateur de provoquer l\u0027arr\u00eat du logiciel (crash).\n\nElle permet \u00e9galement l\u0027ex\u00e9cution de code arbitraire sur le syst\u00e8me\nvuln\u00e9rable avec les droits de l\u0027utilisateur.\n\nL\u0027exploitation de la vuln\u00e9rabilit\u00e9 ne n\u00e9cessite pas n\u00e9cessairement :\n\n- l\u0027intervention de l\u0027utilisateur ;\n- l\u0027activation ou la d\u00e9sactivation du support du langage JavaScript.\n\n \n \n\nCertains codes d\u0027exploitation circulant actuellement sur l\u0027Internet sont\nreconnus par des antivirus sous divers noms\u00a0: Trojan.Pidief.E,\nBloodhound.PDF-6 (Symantec), Exploit-PDF.i (NAI, Mac Afee)...\n\n \n \n\nCertains lecteurs PDF installent une extension permettant \u00e0\nl\u0027explorateur de fichiers de Microsoft Windows de r\u00e9aliser un aper\u00e7u des\nfichiers au format PDF. 
De ce fait, la vuln\u00e9rabilit\u00e9 peut \u00e9galement \u00eatre\nexploit\u00e9e par les m\u00e9thodes suivantes :\n\n- lors de la s\u00e9lection d\u0027un fichier PDF exploitant cette vuln\u00e9rabilit\u00e9\n ;\n- lors de l\u0027exploration d\u0027un r\u00e9pertoire avec un affichage en mode\n miniature des ic\u00f4nes.\n\nDe plus, il semblerait que cette vuln\u00e9rabilit\u00e9 puisse \u00eatre exploit\u00e9e\nlors de l\u0027affichage de l\u0027infobulle li\u00e9 \u00e0 un fichier PDF malveillant dont\nles m\u00e9ta-donn\u00e9es ont \u00e9t\u00e9 sp\u00e9cialement construites.\n\nEnfin, l\u0027utilisation de services d\u0027indexation automatique (comme WIS,\nWindows Indexing Services) pourrait d\u00e9clencher l\u0027exploitation de la\nvuln\u00e9rabilit\u00e9 sur un fichier pr\u00e9sent sur l\u0027espace de stockage sans\nintervention particuli\u00e8re de l\u0027utilisateur.\n\n## Solution\n\nSe r\u00e9f\u00e9rer \u00e0 la documentation des \u00e9diteurs afin d\u0027obtenir les correctifs\n(cf. Documentation).\n",
"cves": [
{
"name": "CVE-2009-0658",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-0658"
},
{
"name": "CVE-2009-0927",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-0927"
}
],
"links": [
{
"title": "Mise \u00e0 jour Xpdf du 30 mars 2009 :",
"url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl3.patch"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Red Hat RHSA-2009-0431 et RHSA-2009-0430 du 16 avril 2009 :",
"url": "http://rhn.redhat.com/errata/RHSA-2009-0430.html"
},
{
"title": "Alerte CERTA-2009-ALE-001 du 20 f\u00e9vrier 2009:",
"url": "http://www.certa.ssi.gouv.fr/site/CERTA-2009-ALE-001/"
},
{
"title": "Avis de s\u00e9curit\u00e9 Adobe apsa09-01 du 19 f\u00e9vrier 2009 :",
"url": "http://www.adobe.com/support/security/advisories/apsa09-01.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Red Hat RHSA-2009-0431 et RHSA-2009-0430 du 16 avril 2009 :",
"url": "http://rhn.redhat.com/errata/RHSA-2009-0431.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Adobe apsb09-03 du 10 mars 2009 :",
"url": "http://www.adobe.com/support/security/bulletins/apsb09-03.html"
},
{
"title": "Document du CERTA CERTA-2009-ALE-001 du 20 f\u00e9vrier 2009 :",
"url": "http://www.certa.ssi.gouv.fr/site/CERTA-2009-ALE-001/index.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Adobe apsb09-04 du 18 mars 2009\u00a0:",
"url": "http://www.adobe.com/support/security/bulletins/apsb09-04.html"
}
],
"reference": "CERTA-2009-AVI-094",
"revisions": [
{
"description": "version initiale ;",
"revision_date": "2009-03-11T00:00:00.000000"
},
{
"description": "ajout des r\u00e9f\u00e9rences au bulletin de s\u00e9curit\u00e9 APSB09-04 concernant les versions 7.x et 8.x ;",
"revision_date": "2009-03-20T00:00:00.000000"
},
{
"description": "ajout des r\u00e9f\u00e9rences aux bulletins Red Hat et Xpdf.",
"revision_date": "2009-04-17T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
}
],
"summary": "Une vuln\u00e9rabilit\u00e9 dans l\u0027interpr\u00e9tation des documents PDF par diff\u00e9rents\nlecteurs permet \u00e0 un utilisateur malveillant d\u0027ex\u00e9cuter du code\narbitraire \u00e0 distance.\n",
"title": "Vuln\u00e9rabilit\u00e9 dans l\u0027interpr\u00e9tation JBIG2 dans le format PDF",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Adobe APSB09-03 du 10 mars 2009",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Adobe APSB09-04 du 18 mars 2009",
"url": null
}
]
}
CERTA-2009-AVI-094
Vulnerability from certfr_avis - Published: - Updated:
Une vulnérabilité dans l'interprétation des documents PDF par différents lecteurs permet à un utilisateur malveillant d'exécuter du code arbitraire à distance.
Description
Une erreur dans différents produits relative à l'interprétation des objets encodés au format JBIG2 dans des fichiers PDF permet à un utilisateur de provoquer l'arrêt du logiciel (crash).
Elle permet également l'exécution de code arbitraire sur le système vulnérable avec les droits de l'utilisateur.
L'exploitation de la vulnérabilité ne nécessite pas nécessairement :
- l'intervention de l'utilisateur ;
- l'activation ou la désactivation du support du langage JavaScript.
Certains codes d'exploitation circulant actuellement sur l'Internet sont reconnus par des antivirus sous divers noms : Trojan.Pidief.E, Bloodhound.PDF-6 (Symantec), Exploit-PDF.i (NAI, Mac Afee)...
Certains lecteurs PDF installent une extension permettant à l'explorateur de fichiers de Microsoft Windows de réaliser un aperçu des fichiers au format PDF. De ce fait, la vulnérabilité peut également être exploitée par les méthodes suivantes :
- lors de la sélection d'un fichier PDF exploitant cette vulnérabilité ;
- lors de l'exploration d'un répertoire avec un affichage en mode miniature des icônes.
De plus, il semblerait que cette vulnérabilité puisse être exploitée lors de l'affichage de l'infobulle lié à un fichier PDF malveillant dont les méta-données ont été spécialement construites.
Enfin, l'utilisation de services d'indexation automatique (comme WIS, Windows Indexing Services) pourrait déclencher l'exploitation de la vulnérabilité sur un fichier présent sur l'espace de stockage sans intervention particulière de l'utilisateur.
Solution
Se référer à la documentation des éditeurs afin d'obtenir les correctifs (cf. Documentation).
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Adobe Reader versions 9.x, 8.x et 7.x ;",
"product": {
"name": "PDF Reader",
"vendor": {
"name": "Foxit",
"scada": false
}
}
},
{
"description": "Xpdf versions ant\u00e9rieures \u00e0 la mise \u00e0 jour 3.02pl3.",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "Adobe Acrobat Standard, Pro et Pro Extended, versions 9.x, 8.x et 7.x.",
"product": {
"name": "Acrobat",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "KDE versions ant\u00e9rieures \u00e0 la version 3.4.5-12 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Foxit",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Description\n\nUne erreur dans diff\u00e9rents produits relative \u00e0 l\u0027interpr\u00e9tation des\nobjets encod\u00e9s au format JBIG2 dans des fichiers PDF permet \u00e0 un\nutilisateur de provoquer l\u0027arr\u00eat du logiciel (crash).\n\nElle permet \u00e9galement l\u0027ex\u00e9cution de code arbitraire sur le syst\u00e8me\nvuln\u00e9rable avec les droits de l\u0027utilisateur.\n\nL\u0027exploitation de la vuln\u00e9rabilit\u00e9 ne n\u00e9cessite pas n\u00e9cessairement :\n\n- l\u0027intervention de l\u0027utilisateur ;\n- l\u0027activation ou la d\u00e9sactivation du support du langage JavaScript.\n\n \n \n\nCertains codes d\u0027exploitation circulant actuellement sur l\u0027Internet sont\nreconnus par des antivirus sous divers noms\u00a0: Trojan.Pidief.E,\nBloodhound.PDF-6 (Symantec), Exploit-PDF.i (NAI, Mac Afee)...\n\n \n \n\nCertains lecteurs PDF installent une extension permettant \u00e0\nl\u0027explorateur de fichiers de Microsoft Windows de r\u00e9aliser un aper\u00e7u des\nfichiers au format PDF. 
De ce fait, la vuln\u00e9rabilit\u00e9 peut \u00e9galement \u00eatre\nexploit\u00e9e par les m\u00e9thodes suivantes :\n\n- lors de la s\u00e9lection d\u0027un fichier PDF exploitant cette vuln\u00e9rabilit\u00e9\n ;\n- lors de l\u0027exploration d\u0027un r\u00e9pertoire avec un affichage en mode\n miniature des ic\u00f4nes.\n\nDe plus, il semblerait que cette vuln\u00e9rabilit\u00e9 puisse \u00eatre exploit\u00e9e\nlors de l\u0027affichage de l\u0027infobulle li\u00e9 \u00e0 un fichier PDF malveillant dont\nles m\u00e9ta-donn\u00e9es ont \u00e9t\u00e9 sp\u00e9cialement construites.\n\nEnfin, l\u0027utilisation de services d\u0027indexation automatique (comme WIS,\nWindows Indexing Services) pourrait d\u00e9clencher l\u0027exploitation de la\nvuln\u00e9rabilit\u00e9 sur un fichier pr\u00e9sent sur l\u0027espace de stockage sans\nintervention particuli\u00e8re de l\u0027utilisateur.\n\n## Solution\n\nSe r\u00e9f\u00e9rer \u00e0 la documentation des \u00e9diteurs afin d\u0027obtenir les correctifs\n(cf. Documentation).\n",
"cves": [
{
"name": "CVE-2009-0658",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-0658"
},
{
"name": "CVE-2009-0927",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-0927"
}
],
"links": [
{
"title": "Mise \u00e0 jour Xpdf du 30 mars 2009 :",
"url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl3.patch"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Red Hat RHSA-2009-0431 et RHSA-2009-0430 du 16 avril 2009 :",
"url": "http://rhn.redhat.com/errata/RHSA-2009-0430.html"
},
{
"title": "Alerte CERTA-2009-ALE-001 du 20 f\u00e9vrier 2009:",
"url": "http://www.certa.ssi.gouv.fr/site/CERTA-2009-ALE-001/"
},
{
"title": "Avis de s\u00e9curit\u00e9 Adobe apsa09-01 du 19 f\u00e9vrier 2009 :",
"url": "http://www.adobe.com/support/security/advisories/apsa09-01.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Red Hat RHSA-2009-0431 et RHSA-2009-0430 du 16 avril 2009 :",
"url": "http://rhn.redhat.com/errata/RHSA-2009-0431.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Adobe apsb09-03 du 10 mars 2009 :",
"url": "http://www.adobe.com/support/security/bulletins/apsb09-03.html"
},
{
"title": "Document du CERTA CERTA-2009-ALE-001 du 20 f\u00e9vrier 2009 :",
"url": "http://www.certa.ssi.gouv.fr/site/CERTA-2009-ALE-001/index.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Adobe apsb09-04 du 18 mars 2009\u00a0:",
"url": "http://www.adobe.com/support/security/bulletins/apsb09-04.html"
}
],
"reference": "CERTA-2009-AVI-094",
"revisions": [
{
"description": "version initiale ;",
"revision_date": "2009-03-11T00:00:00.000000"
},
{
"description": "ajout des r\u00e9f\u00e9rences au bulletin de s\u00e9curit\u00e9 APSB09-04 concernant les versions 7.x et 8.x ;",
"revision_date": "2009-03-20T00:00:00.000000"
},
{
"description": "ajout des r\u00e9f\u00e9rences aux bulletins Red Hat et Xpdf.",
"revision_date": "2009-04-17T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
}
],
"summary": "Une vuln\u00e9rabilit\u00e9 dans l\u0027interpr\u00e9tation des documents PDF par diff\u00e9rents\nlecteurs permet \u00e0 un utilisateur malveillant d\u0027ex\u00e9cuter du code\narbitraire \u00e0 distance.\n",
"title": "Vuln\u00e9rabilit\u00e9 dans l\u0027interpr\u00e9tation JBIG2 dans le format PDF",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Adobe APSB09-03 du 10 mars 2009",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Adobe APSB09-04 du 18 mars 2009",
"url": null
}
]
}
FKIE_CVE-2009-0658
Vulnerability from fkie_nvd - Published: 2009-02-20 19:30 - Updated: 2026-04-23 00:35

| Source | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://isc.sans.org/diary.html?n&storyid=5902 | Third Party Advisory | |
| cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00005.html | Third Party Advisory | |
| cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html | Third Party Advisory | |
| cve@mitre.org | http://osvdb.org/52073 | Broken Link | |
| cve@mitre.org | http://secunia.com/advisories/33901 | Third Party Advisory | |
| cve@mitre.org | http://secunia.com/advisories/34392 | Third Party Advisory | |
| cve@mitre.org | http://secunia.com/advisories/34490 | Third Party Advisory | |
| cve@mitre.org | http://secunia.com/advisories/34706 | Third Party Advisory | |
| cve@mitre.org | http://secunia.com/advisories/34790 | Third Party Advisory | |
| cve@mitre.org | http://security.gentoo.org/glsa/glsa-200904-17.xml | Third Party Advisory | |
| cve@mitre.org | http://sunsolve.sun.com/search/document.do?assetkey=1-66-256788-1 | Third Party Advisory | |
| cve@mitre.org | http://www.adobe.com/support/security/advisories/apsa09-01.html | Vendor Advisory | |
| cve@mitre.org | http://www.adobe.com/support/security/bulletins/apsb09-04.html | Vendor Advisory | |
| cve@mitre.org | http://www.kb.cert.org/vuls/id/905281 | Third Party Advisory, US Government Resource | |
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2009-0376.html | Third Party Advisory | |
| cve@mitre.org | http://www.securityfocus.com/bid/33751 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | http://www.securitytracker.com/id?1021739 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | http://www.shadowserver.org/wiki/pmwiki.php?n=Calendar.20090219 | Third Party Advisory | |
| cve@mitre.org | http://www.symantec.com/security_response/writeup.jsp?docid=2009-021212-5523-99&tabid=2 | Third Party Advisory | |
| cve@mitre.org | http://www.us-cert.gov/cas/techalerts/TA09-051A.html | Third Party Advisory, US Government Resource | |
| cve@mitre.org | http://www.vupen.com/english/advisories/2009/0472 | Third Party Advisory | |
| cve@mitre.org | http://www.vupen.com/english/advisories/2009/1019 | Third Party Advisory | |
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/48825 | VDB Entry | |
| cve@mitre.org | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5697 | Tool Signature | |
| cve@mitre.org | https://www.exploit-db.com/exploits/8090 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://www.exploit-db.com/exploits/8099 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://isc.sans.org/diary.html?n&storyid=5902 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00005.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://osvdb.org/52073 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/33901 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34392 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34490 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34706 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34790 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-200904-17.xml | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://sunsolve.sun.com/search/document.do?assetkey=1-66-256788-1 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.adobe.com/support/security/advisories/apsa09-01.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.adobe.com/support/security/bulletins/apsb09-04.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kb.cert.org/vuls/id/905281 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2009-0376.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/33751 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1021739 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.shadowserver.org/wiki/pmwiki.php?n=Calendar.20090219 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.symantec.com/security_response/writeup.jsp?docid=2009-021212-5523-99&tabid=2 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.us-cert.gov/cas/techalerts/TA09-051A.html | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2009/0472 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2009/1019 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/48825 | VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5697 | Tool Signature | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.exploit-db.com/exploits/8090 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.exploit-db.com/exploits/8099 | Third Party Advisory, VDB Entry |
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat | * | |
| adobe | acrobat | 9.0 | |
| adobe | acrobat_reader | * | |
| adobe | acrobat_reader | * | |
| adobe | acrobat_reader | 9.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C45837B4-F4F9-45DC-B324-48BD4AB51973",
"versionEndIncluding": "7.1.1",
"versionStartIncluding": "7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5C1BEE55-AAE2-4D61-9156-7E34692469C1",
"versionEndIncluding": "8.1.4",
"versionStartIncluding": "8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5AA53564-9ACD-4CFB-9AAC-A77440026A57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4BB02266-8184-4A96-A1F0-66C9A3F0A329",
"versionEndIncluding": "7.1.1",
"versionStartIncluding": "7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "07DD4484-A823-4B8B-8939-44A553E2FD63",
"versionEndIncluding": "8.1.4",
"versionStartIncluding": "8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "562772F1-1627-438E-A6B8-7D1AA5536086",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Adobe Reader 9.0 and earlier, and Acrobat 9.0 and earlier, allows remote attackers to execute arbitrary code via a crafted PDF document, related to a non-JavaScript function call and possibly an embedded JBIG2 image stream, as exploited in the wild in February 2009 by Trojan.Pidief.E."
},
{
"lang": "es",
"value": "Un desbordamiento del b\u00fafer en Adobe Reader versi\u00f3n 9.0 y anteriores, y Acrobat versi\u00f3n 9.0 y anteriores, permite a los atacantes remotos ejecutar c\u00f3digo arbitrario por medio de un documento PDF creado, relacionado con una llamada a una funci\u00f3n que no sea JavaScript y posiblemente una secuencia de im\u00e1genes del componente JBIG2 incrustada, tal como se explot\u00f3 \u201cin the wild\u201d en febrero de 2009 por Trojan.Pidief.E."
}
],
"id": "CVE-2009-0658",
"lastModified": "2026-04-23T00:35:47.467",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2009-02-20T19:30:00.390",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://isc.sans.org/diary.html?n\u0026storyid=5902"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00005.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://osvdb.org/52073"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/33901"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/34392"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/34490"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/34706"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/34790"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-200904-17.xml"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-256788-1"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.adobe.com/support/security/advisories/apsa09-01.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.adobe.com/support/security/bulletins/apsb09-04.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/905281"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0376.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/33751"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1021739"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.shadowserver.org/wiki/pmwiki.php?n=Calendar.20090219"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.symantec.com/security_response/writeup.jsp?docid=2009-021212-5523-99\u0026tabid=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA09-051A.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/0472"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1019"
},
{
"source": "cve@mitre.org",
"tags": [
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48825"
},
{
"source": "cve@mitre.org",
"tags": [
"Tool Signature"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5697"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/8090"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/8099"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://isc.sans.org/diary.html?n\u0026storyid=5902"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00005.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://osvdb.org/52073"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/33901"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/34392"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/34490"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/34706"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/34790"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-200904-17.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-256788-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.adobe.com/support/security/advisories/apsa09-01.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.adobe.com/support/security/bulletins/apsb09-04.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/905281"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0376.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/33751"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1021739"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.shadowserver.org/wiki/pmwiki.php?n=Calendar.20090219"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.symantec.com/security_response/writeup.jsp?docid=2009-021212-5523-99\u0026tabid=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA09-051A.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/0472"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1019"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48825"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Tool Signature"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5697"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/8090"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/8099"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
GHSA-PM5J-JRQ9-VMHX
Vulnerability from github – Published: 2022-05-02 03:17 – Updated: 2022-05-02 03:17

Buffer overflow in Adobe Reader 9.0 and earlier, and Acrobat 9.0 and earlier, allows remote attackers to execute arbitrary code via a crafted PDF document, related to a non-JavaScript function call and possibly an embedded JBIG2 image stream, as exploited in the wild in February 2009 by Trojan.Pidief.E.
{
"affected": [],
"aliases": [
"CVE-2009-0658"
],
"database_specific": {
"cwe_ids": [
"CWE-119"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2009-02-20T19:30:00Z",
"severity": "HIGH"
},
"details": "Buffer overflow in Adobe Reader 9.0 and earlier, and Acrobat 9.0 and earlier, allows remote attackers to execute arbitrary code via a crafted PDF document, related to a non-JavaScript function call and possibly an embedded JBIG2 image stream, as exploited in the wild in February 2009 by Trojan.Pidief.E.",
"id": "GHSA-pm5j-jrq9-vmhx",
"modified": "2022-05-02T03:17:23Z",
"published": "2022-05-02T03:17:23Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2009-0658"
},
{
"type": "WEB",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48825"
},
{
"type": "WEB",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5697"
},
{
"type": "WEB",
"url": "https://www.exploit-db.com/exploits/8090"
},
{
"type": "WEB",
"url": "https://www.exploit-db.com/exploits/8099"
},
{
"type": "WEB",
"url": "http://isc.sans.org/diary.html?n\u0026storyid=5902"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00005.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html"
},
{
"type": "WEB",
"url": "http://osvdb.org/52073"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/33901"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/34392"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/34490"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/34706"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/34790"
},
{
"type": "WEB",
"url": "http://security.gentoo.org/glsa/glsa-200904-17.xml"
},
{
"type": "WEB",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-256788-1"
},
{
"type": "WEB",
"url": "http://www.adobe.com/support/security/advisories/apsa09-01.html"
},
{
"type": "WEB",
"url": "http://www.adobe.com/support/security/bulletins/apsb09-04.html"
},
{
"type": "WEB",
"url": "http://www.kb.cert.org/vuls/id/905281"
},
{
"type": "WEB",
"url": "http://www.redhat.com/support/errata/RHSA-2009-0376.html"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/33751"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id?1021739"
},
{
"type": "WEB",
"url": "http://www.shadowserver.org/wiki/pmwiki.php?n=Calendar.20090219"
},
{
"type": "WEB",
"url": "http://www.symantec.com/security_response/writeup.jsp?docid=2009-021212-5523-99\u0026tabid=2"
},
{
"type": "WEB",
"url": "http://www.us-cert.gov/cas/techalerts/TA09-051A.html"
},
{
"type": "WEB",
"url": "http://www.vupen.com/english/advisories/2009/0472"
},
{
"type": "WEB",
"url": "http://www.vupen.com/english/advisories/2009/1019"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GSD-2009-0658
Vulnerability from gsd - Updated: 2023-12-13 01:19
{
"GSD": {
"alias": "CVE-2009-0658",
"description": "Buffer overflow in Adobe Reader 9.0 and earlier, and Acrobat 9.0 and earlier, allows remote attackers to execute arbitrary code via a crafted PDF document, related to a non-JavaScript function call and possibly an embedded JBIG2 image stream, as exploited in the wild in February 2009 by Trojan.Pidief.E.",
"id": "GSD-2009-0658",
"references": [
"https://www.suse.com/security/cve/CVE-2009-0658.html",
"https://access.redhat.com/errata/RHSA-2009:0376",
"https://packetstormsecurity.com/files/cve/CVE-2009-0658"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2009-0658"
],
"details": "Buffer overflow in Adobe Reader 9.0 and earlier, and Acrobat 9.0 and earlier, allows remote attackers to execute arbitrary code via a crafted PDF document, related to a non-JavaScript function call and possibly an embedded JBIG2 image stream, as exploited in the wild in February 2009 by Trojan.Pidief.E.",
"id": "GSD-2009-0658",
"modified": "2023-12-13T01:19:44.029372Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-0658",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in Adobe Reader 9.0 and earlier, and Acrobat 9.0 and earlier, allows remote attackers to execute arbitrary code via a crafted PDF document, related to a non-JavaScript function call and possibly an embedded JBIG2 image stream, as exploited in the wild in February 2009 by Trojan.Pidief.E."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.shadowserver.org/wiki/pmwiki.php?n=Calendar.20090219",
"refsource": "MISC",
"url": "http://www.shadowserver.org/wiki/pmwiki.php?n=Calendar.20090219"
},
{
"name": "34790",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34790"
},
{
"name": "http://www.adobe.com/support/security/bulletins/apsb09-04.html",
"refsource": "CONFIRM",
"url": "http://www.adobe.com/support/security/bulletins/apsb09-04.html"
},
{
"name": "8099",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/8099"
},
{
"name": "oval:org.mitre.oval:def:5697",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5697"
},
{
"name": "http://isc.sans.org/diary.html?n\u0026storyid=5902",
"refsource": "MISC",
"url": "http://isc.sans.org/diary.html?n\u0026storyid=5902"
},
{
"name": "TA09-051A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA09-051A.html"
},
{
"name": "http://www.adobe.com/support/security/advisories/apsa09-01.html",
"refsource": "CONFIRM",
"url": "http://www.adobe.com/support/security/advisories/apsa09-01.html"
},
{
"name": "52073",
"refsource": "OSVDB",
"url": "http://osvdb.org/52073"
},
{
"name": "34490",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34490"
},
{
"name": "33901",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33901"
},
{
"name": "RHSA-2009:0376",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2009-0376.html"
},
{
"name": "http://www.symantec.com/security_response/writeup.jsp?docid=2009-021212-5523-99\u0026tabid=2",
"refsource": "MISC",
"url": "http://www.symantec.com/security_response/writeup.jsp?docid=2009-021212-5523-99\u0026tabid=2"
},
{
"name": "34392",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34392"
},
{
"name": "SUSE-SA:2009:014",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00005.html"
},
{
"name": "34706",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34706"
},
{
"name": "ADV-2009-0472",
"refsource": "FRSIRT",
"url": "http://www.vupen.com/english/advisories/2009/0472"
},
{
"name": "VU#905281",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/905281"
},
{
"name": "256788",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-256788-1"
},
{
"name": "33751",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/33751"
},
{
"name": "adobe-acrobat-reader-image-bo(48825)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48825"
},
{
"name": "1021739",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1021739"
},
{
"name": "8090",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/8090"
},
{
"name": "GLSA-200904-17",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200904-17.xml"
},
{
"name": "SUSE-SR:2009:009",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html"
},
{
"name": "ADV-2009-1019",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1019"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "7.1.1",
"versionStartIncluding": "7.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "8.1.4",
"versionStartIncluding": "8.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "8.1.4",
"versionStartIncluding": "8.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "7.1.1",
"versionStartIncluding": "7.0",
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-0658"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "Buffer overflow in Adobe Reader 9.0 and earlier, and Acrobat 9.0 and earlier, allows remote attackers to execute arbitrary code via a crafted PDF document, related to a non-JavaScript function call and possibly an embedded JBIG2 image stream, as exploited in the wild in February 2009 by Trojan.Pidief.E."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://isc.sans.org/diary.html?n\u0026storyid=5902",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
],
"url": "http://isc.sans.org/diary.html?n\u0026storyid=5902"
},
{
"name": "http://www.symantec.com/security_response/writeup.jsp?docid=2009-021212-5523-99\u0026tabid=2",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
],
"url": "http://www.symantec.com/security_response/writeup.jsp?docid=2009-021212-5523-99\u0026tabid=2"
},
{
"name": "http://www.shadowserver.org/wiki/pmwiki.php?n=Calendar.20090219",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
],
"url": "http://www.shadowserver.org/wiki/pmwiki.php?n=Calendar.20090219"
},
{
"name": "http://www.adobe.com/support/security/advisories/apsa09-01.html",
"refsource": "CONFIRM",
"tags": [
"Vendor Advisory"
],
"url": "http://www.adobe.com/support/security/advisories/apsa09-01.html"
},
{
"name": "33751",
"refsource": "BID",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/33751"
},
{
"name": "33901",
"refsource": "SECUNIA",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/33901"
},
{
"name": "VU#905281",
"refsource": "CERT-VN",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/905281"
},
{
"name": "52073",
"refsource": "OSVDB",
"tags": [
"Broken Link"
],
"url": "http://osvdb.org/52073"
},
{
"name": "1021739",
"refsource": "SECTRACK",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1021739"
},
{
"name": "TA09-051A",
"refsource": "CERT",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA09-051A.html"
},
{
"name": "http://www.adobe.com/support/security/bulletins/apsb09-04.html",
"refsource": "CONFIRM",
"tags": [
"Vendor Advisory"
],
"url": "http://www.adobe.com/support/security/bulletins/apsb09-04.html"
},
{
"name": "RHSA-2009:0376",
"refsource": "REDHAT",
"tags": [
"Third Party Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0376.html"
},
{
"name": "34392",
"refsource": "SECUNIA",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/34392"
},
{
"name": "34490",
"refsource": "SECUNIA",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/34490"
},
{
"name": "SUSE-SA:2009:014",
"refsource": "SUSE",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00005.html"
},
{
"name": "256788",
"refsource": "SUNALERT",
"tags": [
"Third Party Advisory"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-256788-1"
},
{
"name": "34706",
"refsource": "SECUNIA",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/34706"
},
{
"name": "SUSE-SR:2009:009",
"refsource": "SUSE",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html"
},
{
"name": "34790",
"refsource": "SECUNIA",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/34790"
},
{
"name": "ADV-2009-1019",
"refsource": "VUPEN",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1019"
},
{
"name": "GLSA-200904-17",
"refsource": "GENTOO",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-200904-17.xml"
},
{
"name": "ADV-2009-0472",
"refsource": "FRSIRT",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/0472"
},
{
"name": "adobe-acrobat-reader-image-bo(48825)",
"refsource": "XF",
"tags": [
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48825"
},
{
"name": "8099",
"refsource": "EXPLOIT-DB",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/8099"
},
{
"name": "8090",
"refsource": "EXPLOIT-DB",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/8090"
},
{
"name": "oval:org.mitre.oval:def:5697",
"refsource": "OVAL",
"tags": [
"Tool Signature"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5697"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"userInteractionRequired": true
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
},
"lastModifiedDate": "2019-09-27T16:48Z",
"publishedDate": "2009-02-20T19:30Z"
}
}
}
RHSA-2009:0376
Vulnerability from csaf_redhat - Published: 2009-03-25 13:48 - Updated: 2025-11-21 17:34

Heap-based buffer overflow in Adobe Acrobat Reader 9 before 9.1, 8 before 8.1.4, and 7 before 7.1.1 allows remote attackers to execute arbitrary code via a PDF file with a malformed JBIG2 symbol dictionary segment, a different vulnerability than CVE-2009-1061 and CVE-2009-1062.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 3AS-LACD:acroread-0:8.1.4-1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 3AS-LACD:acroread-plugin-0:8.1.4-1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 3Desktop-LACD:acroread-0:8.1.4-1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 3Desktop-LACD:acroread-plugin-0:8.1.4-1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 3ES-LACD:acroread-0:8.1.4-1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 3ES-LACD:acroread-plugin-0:8.1.4-1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 3WS-LACD:acroread-0:8.1.4-1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 3WS-LACD:acroread-plugin-0:8.1.4-1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:acroread-0:8.1.4-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:acroread-plugin-0:8.1.4-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:acroread-0:8.1.4-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:acroread-plugin-0:8.1.4-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:acroread-0:8.1.4-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:acroread-plugin-0:8.1.4-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:acroread-0:8.1.4-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:acroread-plugin-0:8.1.4-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:acroread-0:8.1.4-1.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:acroread-plugin-0:8.1.4-1.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:acroread-0:8.1.4-1.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:acroread-plugin-0:8.1.4-1.el5.i386 | — |
Vendor Fix
fix
|
Buffer overflow in Adobe Reader 9.0 and earlier, and Acrobat 9.0 and earlier, allows remote attackers to execute arbitrary code via a crafted PDF document, related to a non-JavaScript function call and possibly an embedded JBIG2 image stream, as exploited in the wild in February 2009 by Trojan.Pidief.E.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 3AS-LACD:acroread-0:8.1.4-1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 3AS-LACD:acroread-plugin-0:8.1.4-1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 3Desktop-LACD:acroread-0:8.1.4-1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 3Desktop-LACD:acroread-plugin-0:8.1.4-1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 3ES-LACD:acroread-0:8.1.4-1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 3ES-LACD:acroread-plugin-0:8.1.4-1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 3WS-LACD:acroread-0:8.1.4-1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 3WS-LACD:acroread-plugin-0:8.1.4-1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:acroread-0:8.1.4-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:acroread-plugin-0:8.1.4-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:acroread-0:8.1.4-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:acroread-plugin-0:8.1.4-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:acroread-0:8.1.4-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:acroread-plugin-0:8.1.4-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:acroread-0:8.1.4-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:acroread-plugin-0:8.1.4-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:acroread-0:8.1.4-1.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:acroread-plugin-0:8.1.4-1.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:acroread-0:8.1.4-1.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:acroread-plugin-0:8.1.4-1.el5.i386 | — |
Vendor Fix
fix
|
Heap-based buffer overflow in Adobe Acrobat Reader and Acrobat Professional 7.1.0, 8.1.3, 9.0.0, and other versions allows remote attackers to execute arbitrary code via a PDF file containing a JBIG2 stream with a size inconsistency related to an unspecified table.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 3AS-LACD:acroread-0:8.1.4-1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 3AS-LACD:acroread-plugin-0:8.1.4-1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 3Desktop-LACD:acroread-0:8.1.4-1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 3Desktop-LACD:acroread-plugin-0:8.1.4-1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 3ES-LACD:acroread-0:8.1.4-1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 3ES-LACD:acroread-plugin-0:8.1.4-1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 3WS-LACD:acroread-0:8.1.4-1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 3WS-LACD:acroread-plugin-0:8.1.4-1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:acroread-0:8.1.4-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:acroread-plugin-0:8.1.4-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:acroread-0:8.1.4-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:acroread-plugin-0:8.1.4-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:acroread-0:8.1.4-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:acroread-plugin-0:8.1.4-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:acroread-0:8.1.4-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:acroread-plugin-0:8.1.4-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:acroread-0:8.1.4-1.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:acroread-plugin-0:8.1.4-1.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:acroread-0:8.1.4-1.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:acroread-plugin-0:8.1.4-1.el5.i386 | — |
Vendor Fix
fix
|
Unspecified vulnerability in Adobe Acrobat Reader 9 before 9.1, 8 before 8.1.4, and 7 before 7.1.1 might allow remote attackers to execute arbitrary code via unknown attack vectors related to JBIG2 and "input validation," a different vulnerability than CVE-2009-0193 and CVE-2009-1062.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 3AS-LACD:acroread-0:8.1.4-1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 3AS-LACD:acroread-plugin-0:8.1.4-1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 3Desktop-LACD:acroread-0:8.1.4-1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 3Desktop-LACD:acroread-plugin-0:8.1.4-1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 3ES-LACD:acroread-0:8.1.4-1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 3ES-LACD:acroread-plugin-0:8.1.4-1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 3WS-LACD:acroread-0:8.1.4-1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 3WS-LACD:acroread-plugin-0:8.1.4-1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:acroread-0:8.1.4-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:acroread-plugin-0:8.1.4-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:acroread-0:8.1.4-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:acroread-plugin-0:8.1.4-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:acroread-0:8.1.4-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:acroread-plugin-0:8.1.4-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:acroread-0:8.1.4-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:acroread-plugin-0:8.1.4-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:acroread-0:8.1.4-1.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:acroread-plugin-0:8.1.4-1.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:acroread-0:8.1.4-1.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:acroread-plugin-0:8.1.4-1.el5.i386 | — |
Vendor Fix
fix
|
Adobe Acrobat Reader 9 before 9.1, 8 before 8.1.4, and 7 before 7.1.1 might allow remote attackers to trigger memory corruption and possibly execute arbitrary code via unknown attack vectors related to JBIG2, a different vulnerability than CVE-2009-0193 and CVE-2009-1061.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 3AS-LACD:acroread-0:8.1.4-1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 3AS-LACD:acroread-plugin-0:8.1.4-1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 3Desktop-LACD:acroread-0:8.1.4-1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 3Desktop-LACD:acroread-plugin-0:8.1.4-1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 3ES-LACD:acroread-0:8.1.4-1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 3ES-LACD:acroread-plugin-0:8.1.4-1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 3WS-LACD:acroread-0:8.1.4-1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 3WS-LACD:acroread-plugin-0:8.1.4-1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:acroread-0:8.1.4-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:acroread-plugin-0:8.1.4-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:acroread-0:8.1.4-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:acroread-plugin-0:8.1.4-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:acroread-0:8.1.4-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:acroread-plugin-0:8.1.4-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:acroread-0:8.1.4-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:acroread-plugin-0:8.1.4-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:acroread-0:8.1.4-1.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:acroread-plugin-0:8.1.4-1.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:acroread-0:8.1.4-1.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:acroread-plugin-0:8.1.4-1.el5.i386 | — |
Vendor Fix
fix
|
| URL | Category |
|---|---|
| https://access.redhat.com/errata/RHSA-2009:0376 | self |
| http://www.adobe.com/support/security/bulletins/apsb09-04.html | external |
| http://www.redhat.com/security/updates/classification/#critical | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=486928 | external |
| https://security.access.redhat.com/data/csaf/v2/advisories/2009/rhsa-2009_0376.json | self |
| https://access.redhat.com/security/cve/CVE-2009-0193 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=486928 | external |
| https://www.cve.org/CVERecord?id=CVE-2009-0193 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2009-0193 | external |
| https://access.redhat.com/security/cve/CVE-2009-0658 | self |
| https://www.cve.org/CVERecord?id=CVE-2009-0658 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2009-0658 | external |
| https://access.redhat.com/security/cve/CVE-2009-0928 | self |
| https://www.cve.org/CVERecord?id=CVE-2009-0928 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2009-0928 | external |
| https://access.redhat.com/security/cve/CVE-2009-1061 | self |
| https://www.cve.org/CVERecord?id=CVE-2009-1061 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2009-1061 | external |
| https://access.redhat.com/security/cve/CVE-2009-1062 | self |
| https://www.cve.org/CVERecord?id=CVE-2009-1062 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2009-1062 | external |
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated acroread packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 3 Extras, Red Hat Enterprise Linux 4\nExtras, and Red Hat Enterprise Linux 5 Supplementary.\n\nThis update has been rated as having critical security impact by the Red\nHat Security Response Team.",
"title": "Topic"
},
{
"category": "general",
"text": "Adobe Reader allows users to view and print documents in Portable Document\nFormat (PDF).\n\nMultiple input validation flaws were discovered in the JBIG2 compressed\nimages decoder used by Adobe Reader. A malicious PDF file could cause Adobe\nReader to crash or, potentially, execute arbitrary code as the user running\nAdobe Reader. (CVE-2009-0193, CVE-2009-0658, CVE-2009-0928, CVE-2009-1061,\nCVE-2009-1062)\n\nAll Adobe Reader users should install these updated packages. They contain\nAdobe Reader version 8.1.4, which is not vulnerable to these issues. All\nrunning instances of Adobe Reader must be restarted for the update to take\neffect.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2009:0376",
"url": "https://access.redhat.com/errata/RHSA-2009:0376"
},
{
"category": "external",
"summary": "http://www.adobe.com/support/security/bulletins/apsb09-04.html",
"url": "http://www.adobe.com/support/security/bulletins/apsb09-04.html"
},
{
"category": "external",
"summary": "http://www.redhat.com/security/updates/classification/#critical",
"url": "http://www.redhat.com/security/updates/classification/#critical"
},
{
"category": "external",
"summary": "486928",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=486928"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2009/rhsa-2009_0376.json"
}
],
"title": "Red Hat Security Advisory: acroread security update",
"tracking": {
"current_release_date": "2025-11-21T17:34:26+00:00",
"generator": {
"date": "2025-11-21T17:34:26+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2009:0376",
"initial_release_date": "2009-03-25T13:48:00+00:00",
"revision_history": [
{
"date": "2009-03-25T13:48:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2009-03-25T09:48:40+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T17:34:26+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product": {
"name": "Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:5::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product": {
"name": "Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:5::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AS version 4 Extras",
"product": {
"name": "Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:4"
}
}
},
{
"category": "product_name",
"name": "Red Hat Desktop version 4 Extras",
"product": {
"name": "Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:4"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ES version 4 Extras",
"product": {
"name": "Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:4"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux WS version 4 Extras",
"product": {
"name": "Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:4"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AS version 3 Extras",
"product": {
"name": "Red Hat Enterprise Linux AS version 3 Extras",
"product_id": "3AS-LACD",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:3"
}
}
},
{
"category": "product_name",
"name": "Red Hat Desktop version 3 Extras",
"product": {
"name": "Red Hat Desktop version 3 Extras",
"product_id": "3Desktop-LACD",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:3"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ES version 3 Extras",
"product": {
"name": "Red Hat Enterprise Linux ES version 3 Extras",
"product_id": "3ES-LACD",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:3"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux WS version 3 Extras",
"product": {
"name": "Red Hat Enterprise Linux WS version 3 Extras",
"product_id": "3WS-LACD",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:3"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux Supplementary"
},
{
"branches": [
{
"category": "product_version",
"name": "acroread-plugin-0:8.1.4-1.el5.i386",
"product": {
"name": "acroread-plugin-0:8.1.4-1.el5.i386",
"product_id": "acroread-plugin-0:8.1.4-1.el5.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/acroread-plugin@8.1.4-1.el5?arch=i386"
}
}
},
{
"category": "product_version",
"name": "acroread-0:8.1.4-1.el5.i386",
"product": {
"name": "acroread-0:8.1.4-1.el5.i386",
"product_id": "acroread-0:8.1.4-1.el5.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/acroread@8.1.4-1.el5?arch=i386"
}
}
},
{
"category": "product_version",
"name": "acroread-plugin-0:8.1.4-1.el4.i386",
"product": {
"name": "acroread-plugin-0:8.1.4-1.el4.i386",
"product_id": "acroread-plugin-0:8.1.4-1.el4.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/acroread-plugin@8.1.4-1.el4?arch=i386"
}
}
},
{
"category": "product_version",
"name": "acroread-0:8.1.4-1.el4.i386",
"product": {
"name": "acroread-0:8.1.4-1.el4.i386",
"product_id": "acroread-0:8.1.4-1.el4.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/acroread@8.1.4-1.el4?arch=i386"
}
}
},
{
"category": "product_version",
"name": "acroread-plugin-0:8.1.4-1.i386",
"product": {
"name": "acroread-plugin-0:8.1.4-1.i386",
"product_id": "acroread-plugin-0:8.1.4-1.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/acroread-plugin@8.1.4-1?arch=i386"
}
}
},
{
"category": "product_version",
"name": "acroread-0:8.1.4-1.i386",
"product": {
"name": "acroread-0:8.1.4-1.i386",
"product_id": "acroread-0:8.1.4-1.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/acroread@8.1.4-1?arch=i386"
}
}
}
],
"category": "architecture",
"name": "i386"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-0:8.1.4-1.i386 as a component of Red Hat Enterprise Linux AS version 3 Extras",
"product_id": "3AS-LACD:acroread-0:8.1.4-1.i386"
},
"product_reference": "acroread-0:8.1.4-1.i386",
"relates_to_product_reference": "3AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-plugin-0:8.1.4-1.i386 as a component of Red Hat Enterprise Linux AS version 3 Extras",
"product_id": "3AS-LACD:acroread-plugin-0:8.1.4-1.i386"
},
"product_reference": "acroread-plugin-0:8.1.4-1.i386",
"relates_to_product_reference": "3AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-0:8.1.4-1.i386 as a component of Red Hat Desktop version 3 Extras",
"product_id": "3Desktop-LACD:acroread-0:8.1.4-1.i386"
},
"product_reference": "acroread-0:8.1.4-1.i386",
"relates_to_product_reference": "3Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-plugin-0:8.1.4-1.i386 as a component of Red Hat Desktop version 3 Extras",
"product_id": "3Desktop-LACD:acroread-plugin-0:8.1.4-1.i386"
},
"product_reference": "acroread-plugin-0:8.1.4-1.i386",
"relates_to_product_reference": "3Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-0:8.1.4-1.i386 as a component of Red Hat Enterprise Linux ES version 3 Extras",
"product_id": "3ES-LACD:acroread-0:8.1.4-1.i386"
},
"product_reference": "acroread-0:8.1.4-1.i386",
"relates_to_product_reference": "3ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-plugin-0:8.1.4-1.i386 as a component of Red Hat Enterprise Linux ES version 3 Extras",
"product_id": "3ES-LACD:acroread-plugin-0:8.1.4-1.i386"
},
"product_reference": "acroread-plugin-0:8.1.4-1.i386",
"relates_to_product_reference": "3ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-0:8.1.4-1.i386 as a component of Red Hat Enterprise Linux WS version 3 Extras",
"product_id": "3WS-LACD:acroread-0:8.1.4-1.i386"
},
"product_reference": "acroread-0:8.1.4-1.i386",
"relates_to_product_reference": "3WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-plugin-0:8.1.4-1.i386 as a component of Red Hat Enterprise Linux WS version 3 Extras",
"product_id": "3WS-LACD:acroread-plugin-0:8.1.4-1.i386"
},
"product_reference": "acroread-plugin-0:8.1.4-1.i386",
"relates_to_product_reference": "3WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-0:8.1.4-1.el4.i386 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:acroread-0:8.1.4-1.el4.i386"
},
"product_reference": "acroread-0:8.1.4-1.el4.i386",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-plugin-0:8.1.4-1.el4.i386 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:acroread-plugin-0:8.1.4-1.el4.i386"
},
"product_reference": "acroread-plugin-0:8.1.4-1.el4.i386",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-0:8.1.4-1.el4.i386 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:acroread-0:8.1.4-1.el4.i386"
},
"product_reference": "acroread-0:8.1.4-1.el4.i386",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-plugin-0:8.1.4-1.el4.i386 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:acroread-plugin-0:8.1.4-1.el4.i386"
},
"product_reference": "acroread-plugin-0:8.1.4-1.el4.i386",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-0:8.1.4-1.el4.i386 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:acroread-0:8.1.4-1.el4.i386"
},
"product_reference": "acroread-0:8.1.4-1.el4.i386",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-plugin-0:8.1.4-1.el4.i386 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:acroread-plugin-0:8.1.4-1.el4.i386"
},
"product_reference": "acroread-plugin-0:8.1.4-1.el4.i386",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-0:8.1.4-1.el4.i386 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:acroread-0:8.1.4-1.el4.i386"
},
"product_reference": "acroread-0:8.1.4-1.el4.i386",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-plugin-0:8.1.4-1.el4.i386 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:acroread-plugin-0:8.1.4-1.el4.i386"
},
"product_reference": "acroread-plugin-0:8.1.4-1.el4.i386",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-0:8.1.4-1.el5.i386 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:acroread-0:8.1.4-1.el5.i386"
},
"product_reference": "acroread-0:8.1.4-1.el5.i386",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-plugin-0:8.1.4-1.el5.i386 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:acroread-plugin-0:8.1.4-1.el5.i386"
},
"product_reference": "acroread-plugin-0:8.1.4-1.el5.i386",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-0:8.1.4-1.el5.i386 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:acroread-0:8.1.4-1.el5.i386"
},
"product_reference": "acroread-0:8.1.4-1.el5.i386",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-plugin-0:8.1.4-1.el5.i386 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:acroread-plugin-0:8.1.4-1.el5.i386"
},
"product_reference": "acroread-plugin-0:8.1.4-1.el5.i386",
"relates_to_product_reference": "5Server-Supplementary"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2009-0193",
"discovery_date": "2009-02-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "486928"
}
],
"notes": [
{
"category": "description",
"text": "Heap-based buffer overflow in Adobe Acrobat Reader 9 before 9.1, 8 before 8.1.4, and 7 before 7.1.1 allows remote attackers to execute arbitrary code via a PDF file with a malformed JBIG2 symbol dictionary segment, a different vulnerability than CVE-2009-1061 and CVE-2009-1062.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "acroread: multiple JBIG2-related security flaws",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"3AS-LACD:acroread-0:8.1.4-1.i386",
"3AS-LACD:acroread-plugin-0:8.1.4-1.i386",
"3Desktop-LACD:acroread-0:8.1.4-1.i386",
"3Desktop-LACD:acroread-plugin-0:8.1.4-1.i386",
"3ES-LACD:acroread-0:8.1.4-1.i386",
"3ES-LACD:acroread-plugin-0:8.1.4-1.i386",
"3WS-LACD:acroread-0:8.1.4-1.i386",
"3WS-LACD:acroread-plugin-0:8.1.4-1.i386",
"4AS-LACD:acroread-0:8.1.4-1.el4.i386",
"4AS-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"4Desktop-LACD:acroread-0:8.1.4-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"4ES-LACD:acroread-0:8.1.4-1.el4.i386",
"4ES-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"4WS-LACD:acroread-0:8.1.4-1.el4.i386",
"4WS-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"5Client-Supplementary:acroread-0:8.1.4-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:8.1.4-1.el5.i386",
"5Server-Supplementary:acroread-0:8.1.4-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:8.1.4-1.el5.i386"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2009-0193"
},
{
"category": "external",
"summary": "RHBZ#486928",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=486928"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2009-0193",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-0193"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-0193",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2009-0193"
}
],
"release_date": "2009-02-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2009-03-25T13:48:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"3AS-LACD:acroread-0:8.1.4-1.i386",
"3AS-LACD:acroread-plugin-0:8.1.4-1.i386",
"3Desktop-LACD:acroread-0:8.1.4-1.i386",
"3Desktop-LACD:acroread-plugin-0:8.1.4-1.i386",
"3ES-LACD:acroread-0:8.1.4-1.i386",
"3ES-LACD:acroread-plugin-0:8.1.4-1.i386",
"3WS-LACD:acroread-0:8.1.4-1.i386",
"3WS-LACD:acroread-plugin-0:8.1.4-1.i386",
"4AS-LACD:acroread-0:8.1.4-1.el4.i386",
"4AS-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"4Desktop-LACD:acroread-0:8.1.4-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"4ES-LACD:acroread-0:8.1.4-1.el4.i386",
"4ES-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"4WS-LACD:acroread-0:8.1.4-1.el4.i386",
"4WS-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"5Client-Supplementary:acroread-0:8.1.4-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:8.1.4-1.el5.i386",
"5Server-Supplementary:acroread-0:8.1.4-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:8.1.4-1.el5.i386"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2009:0376"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"3AS-LACD:acroread-0:8.1.4-1.i386",
"3AS-LACD:acroread-plugin-0:8.1.4-1.i386",
"3Desktop-LACD:acroread-0:8.1.4-1.i386",
"3Desktop-LACD:acroread-plugin-0:8.1.4-1.i386",
"3ES-LACD:acroread-0:8.1.4-1.i386",
"3ES-LACD:acroread-plugin-0:8.1.4-1.i386",
"3WS-LACD:acroread-0:8.1.4-1.i386",
"3WS-LACD:acroread-plugin-0:8.1.4-1.i386",
"4AS-LACD:acroread-0:8.1.4-1.el4.i386",
"4AS-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"4Desktop-LACD:acroread-0:8.1.4-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"4ES-LACD:acroread-0:8.1.4-1.el4.i386",
"4ES-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"4WS-LACD:acroread-0:8.1.4-1.el4.i386",
"4WS-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"5Client-Supplementary:acroread-0:8.1.4-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:8.1.4-1.el5.i386",
"5Server-Supplementary:acroread-0:8.1.4-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:8.1.4-1.el5.i386"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "acroread: multiple JBIG2-related security flaws"
},
{
"cve": "CVE-2009-0658",
"discovery_date": "2009-02-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "486928"
}
],
"notes": [
{
"category": "description",
"text": "Buffer overflow in Adobe Reader 9.0 and earlier, and Acrobat 9.0 and earlier, allows remote attackers to execute arbitrary code via a crafted PDF document, related to a non-JavaScript function call and possibly an embedded JBIG2 image stream, as exploited in the wild in February 2009 by Trojan.Pidief.E.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "acroread: multiple JBIG2-related security flaws",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"3AS-LACD:acroread-0:8.1.4-1.i386",
"3AS-LACD:acroread-plugin-0:8.1.4-1.i386",
"3Desktop-LACD:acroread-0:8.1.4-1.i386",
"3Desktop-LACD:acroread-plugin-0:8.1.4-1.i386",
"3ES-LACD:acroread-0:8.1.4-1.i386",
"3ES-LACD:acroread-plugin-0:8.1.4-1.i386",
"3WS-LACD:acroread-0:8.1.4-1.i386",
"3WS-LACD:acroread-plugin-0:8.1.4-1.i386",
"4AS-LACD:acroread-0:8.1.4-1.el4.i386",
"4AS-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"4Desktop-LACD:acroread-0:8.1.4-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"4ES-LACD:acroread-0:8.1.4-1.el4.i386",
"4ES-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"4WS-LACD:acroread-0:8.1.4-1.el4.i386",
"4WS-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"5Client-Supplementary:acroread-0:8.1.4-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:8.1.4-1.el5.i386",
"5Server-Supplementary:acroread-0:8.1.4-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:8.1.4-1.el5.i386"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2009-0658"
},
{
"category": "external",
"summary": "RHBZ#486928",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=486928"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2009-0658",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-0658"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-0658",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2009-0658"
}
],
"release_date": "2009-02-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2009-03-25T13:48:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"3AS-LACD:acroread-0:8.1.4-1.i386",
"3AS-LACD:acroread-plugin-0:8.1.4-1.i386",
"3Desktop-LACD:acroread-0:8.1.4-1.i386",
"3Desktop-LACD:acroread-plugin-0:8.1.4-1.i386",
"3ES-LACD:acroread-0:8.1.4-1.i386",
"3ES-LACD:acroread-plugin-0:8.1.4-1.i386",
"3WS-LACD:acroread-0:8.1.4-1.i386",
"3WS-LACD:acroread-plugin-0:8.1.4-1.i386",
"4AS-LACD:acroread-0:8.1.4-1.el4.i386",
"4AS-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"4Desktop-LACD:acroread-0:8.1.4-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"4ES-LACD:acroread-0:8.1.4-1.el4.i386",
"4ES-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"4WS-LACD:acroread-0:8.1.4-1.el4.i386",
"4WS-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"5Client-Supplementary:acroread-0:8.1.4-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:8.1.4-1.el5.i386",
"5Server-Supplementary:acroread-0:8.1.4-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:8.1.4-1.el5.i386"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2009:0376"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"3AS-LACD:acroread-0:8.1.4-1.i386",
"3AS-LACD:acroread-plugin-0:8.1.4-1.i386",
"3Desktop-LACD:acroread-0:8.1.4-1.i386",
"3Desktop-LACD:acroread-plugin-0:8.1.4-1.i386",
"3ES-LACD:acroread-0:8.1.4-1.i386",
"3ES-LACD:acroread-plugin-0:8.1.4-1.i386",
"3WS-LACD:acroread-0:8.1.4-1.i386",
"3WS-LACD:acroread-plugin-0:8.1.4-1.i386",
"4AS-LACD:acroread-0:8.1.4-1.el4.i386",
"4AS-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"4Desktop-LACD:acroread-0:8.1.4-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"4ES-LACD:acroread-0:8.1.4-1.el4.i386",
"4ES-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"4WS-LACD:acroread-0:8.1.4-1.el4.i386",
"4WS-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"5Client-Supplementary:acroread-0:8.1.4-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:8.1.4-1.el5.i386",
"5Server-Supplementary:acroread-0:8.1.4-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:8.1.4-1.el5.i386"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "acroread: multiple JBIG2-related security flaws"
},
{
"cve": "CVE-2009-0928",
"discovery_date": "2009-02-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "486928"
}
],
"notes": [
{
"category": "description",
"text": "Heap-based buffer overflow in Adobe Acrobat Reader and Acrobat Professional 7.1.0, 8.1.3, 9.0.0, and other versions allows remote attackers to execute arbitrary code via a PDF file containing a JBIG2 stream with a size inconsistency related to an unspecified table.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "acroread: multiple JBIG2-related security flaws",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"3AS-LACD:acroread-0:8.1.4-1.i386",
"3AS-LACD:acroread-plugin-0:8.1.4-1.i386",
"3Desktop-LACD:acroread-0:8.1.4-1.i386",
"3Desktop-LACD:acroread-plugin-0:8.1.4-1.i386",
"3ES-LACD:acroread-0:8.1.4-1.i386",
"3ES-LACD:acroread-plugin-0:8.1.4-1.i386",
"3WS-LACD:acroread-0:8.1.4-1.i386",
"3WS-LACD:acroread-plugin-0:8.1.4-1.i386",
"4AS-LACD:acroread-0:8.1.4-1.el4.i386",
"4AS-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"4Desktop-LACD:acroread-0:8.1.4-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"4ES-LACD:acroread-0:8.1.4-1.el4.i386",
"4ES-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"4WS-LACD:acroread-0:8.1.4-1.el4.i386",
"4WS-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"5Client-Supplementary:acroread-0:8.1.4-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:8.1.4-1.el5.i386",
"5Server-Supplementary:acroread-0:8.1.4-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:8.1.4-1.el5.i386"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2009-0928"
},
{
"category": "external",
"summary": "RHBZ#486928",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=486928"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2009-0928",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-0928"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-0928",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2009-0928"
}
],
"release_date": "2009-02-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2009-03-25T13:48:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"3AS-LACD:acroread-0:8.1.4-1.i386",
"3AS-LACD:acroread-plugin-0:8.1.4-1.i386",
"3Desktop-LACD:acroread-0:8.1.4-1.i386",
"3Desktop-LACD:acroread-plugin-0:8.1.4-1.i386",
"3ES-LACD:acroread-0:8.1.4-1.i386",
"3ES-LACD:acroread-plugin-0:8.1.4-1.i386",
"3WS-LACD:acroread-0:8.1.4-1.i386",
"3WS-LACD:acroread-plugin-0:8.1.4-1.i386",
"4AS-LACD:acroread-0:8.1.4-1.el4.i386",
"4AS-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"4Desktop-LACD:acroread-0:8.1.4-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"4ES-LACD:acroread-0:8.1.4-1.el4.i386",
"4ES-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"4WS-LACD:acroread-0:8.1.4-1.el4.i386",
"4WS-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"5Client-Supplementary:acroread-0:8.1.4-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:8.1.4-1.el5.i386",
"5Server-Supplementary:acroread-0:8.1.4-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:8.1.4-1.el5.i386"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2009:0376"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"3AS-LACD:acroread-0:8.1.4-1.i386",
"3AS-LACD:acroread-plugin-0:8.1.4-1.i386",
"3Desktop-LACD:acroread-0:8.1.4-1.i386",
"3Desktop-LACD:acroread-plugin-0:8.1.4-1.i386",
"3ES-LACD:acroread-0:8.1.4-1.i386",
"3ES-LACD:acroread-plugin-0:8.1.4-1.i386",
"3WS-LACD:acroread-0:8.1.4-1.i386",
"3WS-LACD:acroread-plugin-0:8.1.4-1.i386",
"4AS-LACD:acroread-0:8.1.4-1.el4.i386",
"4AS-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"4Desktop-LACD:acroread-0:8.1.4-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"4ES-LACD:acroread-0:8.1.4-1.el4.i386",
"4ES-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"4WS-LACD:acroread-0:8.1.4-1.el4.i386",
"4WS-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"5Client-Supplementary:acroread-0:8.1.4-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:8.1.4-1.el5.i386",
"5Server-Supplementary:acroread-0:8.1.4-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:8.1.4-1.el5.i386"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "acroread: multiple JBIG2-related security flaws"
},
{
"cve": "CVE-2009-1061",
"discovery_date": "2009-02-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "486928"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Adobe Acrobat Reader 9 before 9.1, 8 before 8.1.4, and 7 before 7.1.1 might allow remote attackers to execute arbitrary code via unknown attack vectors related to JBIG2 and \"input validation,\" a different vulnerability than CVE-2009-0193 and CVE-2009-1062.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "acroread: multiple JBIG2-related security flaws",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"3AS-LACD:acroread-0:8.1.4-1.i386",
"3AS-LACD:acroread-plugin-0:8.1.4-1.i386",
"3Desktop-LACD:acroread-0:8.1.4-1.i386",
"3Desktop-LACD:acroread-plugin-0:8.1.4-1.i386",
"3ES-LACD:acroread-0:8.1.4-1.i386",
"3ES-LACD:acroread-plugin-0:8.1.4-1.i386",
"3WS-LACD:acroread-0:8.1.4-1.i386",
"3WS-LACD:acroread-plugin-0:8.1.4-1.i386",
"4AS-LACD:acroread-0:8.1.4-1.el4.i386",
"4AS-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"4Desktop-LACD:acroread-0:8.1.4-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"4ES-LACD:acroread-0:8.1.4-1.el4.i386",
"4ES-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"4WS-LACD:acroread-0:8.1.4-1.el4.i386",
"4WS-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"5Client-Supplementary:acroread-0:8.1.4-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:8.1.4-1.el5.i386",
"5Server-Supplementary:acroread-0:8.1.4-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:8.1.4-1.el5.i386"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2009-1061"
},
{
"category": "external",
"summary": "RHBZ#486928",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=486928"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2009-1061",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-1061"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-1061",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2009-1061"
}
],
"release_date": "2009-02-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2009-03-25T13:48:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"3AS-LACD:acroread-0:8.1.4-1.i386",
"3AS-LACD:acroread-plugin-0:8.1.4-1.i386",
"3Desktop-LACD:acroread-0:8.1.4-1.i386",
"3Desktop-LACD:acroread-plugin-0:8.1.4-1.i386",
"3ES-LACD:acroread-0:8.1.4-1.i386",
"3ES-LACD:acroread-plugin-0:8.1.4-1.i386",
"3WS-LACD:acroread-0:8.1.4-1.i386",
"3WS-LACD:acroread-plugin-0:8.1.4-1.i386",
"4AS-LACD:acroread-0:8.1.4-1.el4.i386",
"4AS-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"4Desktop-LACD:acroread-0:8.1.4-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"4ES-LACD:acroread-0:8.1.4-1.el4.i386",
"4ES-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"4WS-LACD:acroread-0:8.1.4-1.el4.i386",
"4WS-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"5Client-Supplementary:acroread-0:8.1.4-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:8.1.4-1.el5.i386",
"5Server-Supplementary:acroread-0:8.1.4-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:8.1.4-1.el5.i386"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2009:0376"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"3AS-LACD:acroread-0:8.1.4-1.i386",
"3AS-LACD:acroread-plugin-0:8.1.4-1.i386",
"3Desktop-LACD:acroread-0:8.1.4-1.i386",
"3Desktop-LACD:acroread-plugin-0:8.1.4-1.i386",
"3ES-LACD:acroread-0:8.1.4-1.i386",
"3ES-LACD:acroread-plugin-0:8.1.4-1.i386",
"3WS-LACD:acroread-0:8.1.4-1.i386",
"3WS-LACD:acroread-plugin-0:8.1.4-1.i386",
"4AS-LACD:acroread-0:8.1.4-1.el4.i386",
"4AS-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"4Desktop-LACD:acroread-0:8.1.4-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"4ES-LACD:acroread-0:8.1.4-1.el4.i386",
"4ES-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"4WS-LACD:acroread-0:8.1.4-1.el4.i386",
"4WS-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"5Client-Supplementary:acroread-0:8.1.4-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:8.1.4-1.el5.i386",
"5Server-Supplementary:acroread-0:8.1.4-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:8.1.4-1.el5.i386"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "acroread: multiple JBIG2-related security flaws"
},
{
"cve": "CVE-2009-1062",
"discovery_date": "2009-02-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "486928"
}
],
"notes": [
{
"category": "description",
"text": "Adobe Acrobat Reader 9 before 9.1, 8 before 8.1.4, and 7 before 7.1.1 might allow remote attackers to trigger memory corruption and possibly execute arbitrary code via unknown attack vectors related to JBIG2, a different vulnerability than CVE-2009-0193 and CVE-2009-1061.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "acroread: multiple JBIG2-related security flaws",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"3AS-LACD:acroread-0:8.1.4-1.i386",
"3AS-LACD:acroread-plugin-0:8.1.4-1.i386",
"3Desktop-LACD:acroread-0:8.1.4-1.i386",
"3Desktop-LACD:acroread-plugin-0:8.1.4-1.i386",
"3ES-LACD:acroread-0:8.1.4-1.i386",
"3ES-LACD:acroread-plugin-0:8.1.4-1.i386",
"3WS-LACD:acroread-0:8.1.4-1.i386",
"3WS-LACD:acroread-plugin-0:8.1.4-1.i386",
"4AS-LACD:acroread-0:8.1.4-1.el4.i386",
"4AS-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"4Desktop-LACD:acroread-0:8.1.4-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"4ES-LACD:acroread-0:8.1.4-1.el4.i386",
"4ES-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"4WS-LACD:acroread-0:8.1.4-1.el4.i386",
"4WS-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"5Client-Supplementary:acroread-0:8.1.4-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:8.1.4-1.el5.i386",
"5Server-Supplementary:acroread-0:8.1.4-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:8.1.4-1.el5.i386"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2009-1062"
},
{
"category": "external",
"summary": "RHBZ#486928",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=486928"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2009-1062",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-1062"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-1062",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2009-1062"
}
],
"release_date": "2009-02-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2009-03-25T13:48:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"3AS-LACD:acroread-0:8.1.4-1.i386",
"3AS-LACD:acroread-plugin-0:8.1.4-1.i386",
"3Desktop-LACD:acroread-0:8.1.4-1.i386",
"3Desktop-LACD:acroread-plugin-0:8.1.4-1.i386",
"3ES-LACD:acroread-0:8.1.4-1.i386",
"3ES-LACD:acroread-plugin-0:8.1.4-1.i386",
"3WS-LACD:acroread-0:8.1.4-1.i386",
"3WS-LACD:acroread-plugin-0:8.1.4-1.i386",
"4AS-LACD:acroread-0:8.1.4-1.el4.i386",
"4AS-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"4Desktop-LACD:acroread-0:8.1.4-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"4ES-LACD:acroread-0:8.1.4-1.el4.i386",
"4ES-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"4WS-LACD:acroread-0:8.1.4-1.el4.i386",
"4WS-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"5Client-Supplementary:acroread-0:8.1.4-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:8.1.4-1.el5.i386",
"5Server-Supplementary:acroread-0:8.1.4-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:8.1.4-1.el5.i386"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2009:0376"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"3AS-LACD:acroread-0:8.1.4-1.i386",
"3AS-LACD:acroread-plugin-0:8.1.4-1.i386",
"3Desktop-LACD:acroread-0:8.1.4-1.i386",
"3Desktop-LACD:acroread-plugin-0:8.1.4-1.i386",
"3ES-LACD:acroread-0:8.1.4-1.i386",
"3ES-LACD:acroread-plugin-0:8.1.4-1.i386",
"3WS-LACD:acroread-0:8.1.4-1.i386",
"3WS-LACD:acroread-plugin-0:8.1.4-1.i386",
"4AS-LACD:acroread-0:8.1.4-1.el4.i386",
"4AS-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"4Desktop-LACD:acroread-0:8.1.4-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"4ES-LACD:acroread-0:8.1.4-1.el4.i386",
"4ES-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"4WS-LACD:acroread-0:8.1.4-1.el4.i386",
"4WS-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"5Client-Supplementary:acroread-0:8.1.4-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:8.1.4-1.el5.i386",
"5Server-Supplementary:acroread-0:8.1.4-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:8.1.4-1.el5.i386"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "acroread: multiple JBIG2-related security flaws"
}
]
}
RHSA-2009_0376
Vulnerability from csaf_redhat - Published: 2009-03-25 13:48 - Updated: 2024-11-14 10:07
CVE-2009-0193: Heap-based buffer overflow in Adobe Acrobat Reader 9 before 9.1, 8 before 8.1.4, and 7 before 7.1.1 allows remote attackers to execute arbitrary code via a PDF file with a malformed JBIG2 symbol dictionary segment, a different vulnerability than CVE-2009-1061 and CVE-2009-1062.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 3AS-LACD:acroread-0:8.1.4-1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 3AS-LACD:acroread-plugin-0:8.1.4-1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 3Desktop-LACD:acroread-0:8.1.4-1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 3Desktop-LACD:acroread-plugin-0:8.1.4-1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 3ES-LACD:acroread-0:8.1.4-1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 3ES-LACD:acroread-plugin-0:8.1.4-1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 3WS-LACD:acroread-0:8.1.4-1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 3WS-LACD:acroread-plugin-0:8.1.4-1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:acroread-0:8.1.4-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:acroread-plugin-0:8.1.4-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:acroread-0:8.1.4-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:acroread-plugin-0:8.1.4-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:acroread-0:8.1.4-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:acroread-plugin-0:8.1.4-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:acroread-0:8.1.4-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:acroread-plugin-0:8.1.4-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:acroread-0:8.1.4-1.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:acroread-plugin-0:8.1.4-1.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:acroread-0:8.1.4-1.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:acroread-plugin-0:8.1.4-1.el5.i386 | — |
Vendor Fix
fix
|
CVE-2009-0658: Buffer overflow in Adobe Reader 9.0 and earlier, and Acrobat 9.0 and earlier, allows remote attackers to execute arbitrary code via a crafted PDF document, related to a non-JavaScript function call and possibly an embedded JBIG2 image stream, as exploited in the wild in February 2009 by Trojan.Pidief.E.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 3AS-LACD:acroread-0:8.1.4-1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 3AS-LACD:acroread-plugin-0:8.1.4-1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 3Desktop-LACD:acroread-0:8.1.4-1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 3Desktop-LACD:acroread-plugin-0:8.1.4-1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 3ES-LACD:acroread-0:8.1.4-1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 3ES-LACD:acroread-plugin-0:8.1.4-1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 3WS-LACD:acroread-0:8.1.4-1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 3WS-LACD:acroread-plugin-0:8.1.4-1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:acroread-0:8.1.4-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:acroread-plugin-0:8.1.4-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:acroread-0:8.1.4-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:acroread-plugin-0:8.1.4-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:acroread-0:8.1.4-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:acroread-plugin-0:8.1.4-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:acroread-0:8.1.4-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:acroread-plugin-0:8.1.4-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:acroread-0:8.1.4-1.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:acroread-plugin-0:8.1.4-1.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:acroread-0:8.1.4-1.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:acroread-plugin-0:8.1.4-1.el5.i386 | — |
Vendor Fix
fix
|
CVE-2009-0928: Heap-based buffer overflow in Adobe Acrobat Reader and Acrobat Professional 7.1.0, 8.1.3, 9.0.0, and other versions allows remote attackers to execute arbitrary code via a PDF file containing a JBIG2 stream with a size inconsistency related to an unspecified table.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 3AS-LACD:acroread-0:8.1.4-1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 3AS-LACD:acroread-plugin-0:8.1.4-1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 3Desktop-LACD:acroread-0:8.1.4-1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 3Desktop-LACD:acroread-plugin-0:8.1.4-1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 3ES-LACD:acroread-0:8.1.4-1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 3ES-LACD:acroread-plugin-0:8.1.4-1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 3WS-LACD:acroread-0:8.1.4-1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 3WS-LACD:acroread-plugin-0:8.1.4-1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:acroread-0:8.1.4-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:acroread-plugin-0:8.1.4-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:acroread-0:8.1.4-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:acroread-plugin-0:8.1.4-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:acroread-0:8.1.4-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:acroread-plugin-0:8.1.4-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:acroread-0:8.1.4-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:acroread-plugin-0:8.1.4-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:acroread-0:8.1.4-1.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:acroread-plugin-0:8.1.4-1.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:acroread-0:8.1.4-1.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:acroread-plugin-0:8.1.4-1.el5.i386 | — |
Vendor Fix
fix
|
CVE-2009-1061: Unspecified vulnerability in Adobe Acrobat Reader 9 before 9.1, 8 before 8.1.4, and 7 before 7.1.1 might allow remote attackers to execute arbitrary code via unknown attack vectors related to JBIG2 and "input validation," a different vulnerability than CVE-2009-0193 and CVE-2009-1062.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 3AS-LACD:acroread-0:8.1.4-1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 3AS-LACD:acroread-plugin-0:8.1.4-1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 3Desktop-LACD:acroread-0:8.1.4-1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 3Desktop-LACD:acroread-plugin-0:8.1.4-1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 3ES-LACD:acroread-0:8.1.4-1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 3ES-LACD:acroread-plugin-0:8.1.4-1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 3WS-LACD:acroread-0:8.1.4-1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 3WS-LACD:acroread-plugin-0:8.1.4-1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:acroread-0:8.1.4-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:acroread-plugin-0:8.1.4-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:acroread-0:8.1.4-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:acroread-plugin-0:8.1.4-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:acroread-0:8.1.4-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:acroread-plugin-0:8.1.4-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:acroread-0:8.1.4-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:acroread-plugin-0:8.1.4-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:acroread-0:8.1.4-1.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:acroread-plugin-0:8.1.4-1.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:acroread-0:8.1.4-1.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:acroread-plugin-0:8.1.4-1.el5.i386 | — |
Vendor Fix
fix
|
CVE-2009-1062: Adobe Acrobat Reader 9 before 9.1, 8 before 8.1.4, and 7 before 7.1.1 might allow remote attackers to trigger memory corruption and possibly execute arbitrary code via unknown attack vectors related to JBIG2, a different vulnerability than CVE-2009-0193 and CVE-2009-1061.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 3AS-LACD:acroread-0:8.1.4-1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 3AS-LACD:acroread-plugin-0:8.1.4-1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 3Desktop-LACD:acroread-0:8.1.4-1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 3Desktop-LACD:acroread-plugin-0:8.1.4-1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 3ES-LACD:acroread-0:8.1.4-1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 3ES-LACD:acroread-plugin-0:8.1.4-1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 3WS-LACD:acroread-0:8.1.4-1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 3WS-LACD:acroread-plugin-0:8.1.4-1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:acroread-0:8.1.4-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:acroread-plugin-0:8.1.4-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:acroread-0:8.1.4-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:acroread-plugin-0:8.1.4-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:acroread-0:8.1.4-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:acroread-plugin-0:8.1.4-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:acroread-0:8.1.4-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:acroread-plugin-0:8.1.4-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:acroread-0:8.1.4-1.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:acroread-plugin-0:8.1.4-1.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:acroread-0:8.1.4-1.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:acroread-plugin-0:8.1.4-1.el5.i386 | — |
Vendor Fix
fix
|
| URL | Category |
|---|---|
| https://access.redhat.com/errata/RHSA-2009:0376 | self |
| http://www.adobe.com/support/security/bulletins/apsb09-04.html | external |
| http://www.redhat.com/security/updates/classification/#critical | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=486928 | external |
| https://security.access.redhat.com/data/csaf/v2/advisories/2009/rhsa-2009_0376.json | self |
| https://access.redhat.com/security/cve/CVE-2009-0193 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=486928 | external |
| https://www.cve.org/CVERecord?id=CVE-2009-0193 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2009-0193 | external |
| https://access.redhat.com/security/cve/CVE-2009-0658 | self |
| https://www.cve.org/CVERecord?id=CVE-2009-0658 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2009-0658 | external |
| https://access.redhat.com/security/cve/CVE-2009-0928 | self |
| https://www.cve.org/CVERecord?id=CVE-2009-0928 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2009-0928 | external |
| https://access.redhat.com/security/cve/CVE-2009-1061 | self |
| https://www.cve.org/CVERecord?id=CVE-2009-1061 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2009-1061 | external |
| https://access.redhat.com/security/cve/CVE-2009-1062 | self |
| https://www.cve.org/CVERecord?id=CVE-2009-1062 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2009-1062 | external |
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated acroread packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 3 Extras, Red Hat Enterprise Linux 4\nExtras, and Red Hat Enterprise Linux 5 Supplementary.\n\nThis update has been rated as having critical security impact by the Red\nHat Security Response Team.",
"title": "Topic"
},
{
"category": "general",
"text": "Adobe Reader allows users to view and print documents in Portable Document\nFormat (PDF).\n\nMultiple input validation flaws were discovered in the JBIG2 compressed\nimages decoder used by Adobe Reader. A malicious PDF file could cause Adobe\nReader to crash or, potentially, execute arbitrary code as the user running\nAdobe Reader. (CVE-2009-0193, CVE-2009-0658, CVE-2009-0928, CVE-2009-1061,\nCVE-2009-1062)\n\nAll Adobe Reader users should install these updated packages. They contain\nAdobe Reader version 8.1.4, which is not vulnerable to these issues. All\nrunning instances of Adobe Reader must be restarted for the update to take\neffect.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2009:0376",
"url": "https://access.redhat.com/errata/RHSA-2009:0376"
},
{
"category": "external",
"summary": "http://www.adobe.com/support/security/bulletins/apsb09-04.html",
"url": "http://www.adobe.com/support/security/bulletins/apsb09-04.html"
},
{
"category": "external",
"summary": "http://www.redhat.com/security/updates/classification/#critical",
"url": "http://www.redhat.com/security/updates/classification/#critical"
},
{
"category": "external",
"summary": "486928",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=486928"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2009/rhsa-2009_0376.json"
}
],
"title": "Red Hat Security Advisory: acroread security update",
"tracking": {
"current_release_date": "2024-11-14T10:07:14+00:00",
"generator": {
"date": "2024-11-14T10:07:14+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.0"
}
},
"id": "RHSA-2009:0376",
"initial_release_date": "2009-03-25T13:48:00+00:00",
"revision_history": [
{
"date": "2009-03-25T13:48:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2009-03-25T09:48:40+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-14T10:07:14+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product": {
"name": "Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:5::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product": {
"name": "Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:5::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AS version 4 Extras",
"product": {
"name": "Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:4"
}
}
},
{
"category": "product_name",
"name": "Red Hat Desktop version 4 Extras",
"product": {
"name": "Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:4"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ES version 4 Extras",
"product": {
"name": "Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:4"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux WS version 4 Extras",
"product": {
"name": "Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:4"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AS version 3 Extras",
"product": {
"name": "Red Hat Enterprise Linux AS version 3 Extras",
"product_id": "3AS-LACD",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:3"
}
}
},
{
"category": "product_name",
"name": "Red Hat Desktop version 3 Extras",
"product": {
"name": "Red Hat Desktop version 3 Extras",
"product_id": "3Desktop-LACD",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:3"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ES version 3 Extras",
"product": {
"name": "Red Hat Enterprise Linux ES version 3 Extras",
"product_id": "3ES-LACD",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:3"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux WS version 3 Extras",
"product": {
"name": "Red Hat Enterprise Linux WS version 3 Extras",
"product_id": "3WS-LACD",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:3"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux Supplementary"
},
{
"branches": [
{
"category": "product_version",
"name": "acroread-plugin-0:8.1.4-1.el5.i386",
"product": {
"name": "acroread-plugin-0:8.1.4-1.el5.i386",
"product_id": "acroread-plugin-0:8.1.4-1.el5.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/acroread-plugin@8.1.4-1.el5?arch=i386"
}
}
},
{
"category": "product_version",
"name": "acroread-0:8.1.4-1.el5.i386",
"product": {
"name": "acroread-0:8.1.4-1.el5.i386",
"product_id": "acroread-0:8.1.4-1.el5.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/acroread@8.1.4-1.el5?arch=i386"
}
}
},
{
"category": "product_version",
"name": "acroread-plugin-0:8.1.4-1.el4.i386",
"product": {
"name": "acroread-plugin-0:8.1.4-1.el4.i386",
"product_id": "acroread-plugin-0:8.1.4-1.el4.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/acroread-plugin@8.1.4-1.el4?arch=i386"
}
}
},
{
"category": "product_version",
"name": "acroread-0:8.1.4-1.el4.i386",
"product": {
"name": "acroread-0:8.1.4-1.el4.i386",
"product_id": "acroread-0:8.1.4-1.el4.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/acroread@8.1.4-1.el4?arch=i386"
}
}
},
{
"category": "product_version",
"name": "acroread-plugin-0:8.1.4-1.i386",
"product": {
"name": "acroread-plugin-0:8.1.4-1.i386",
"product_id": "acroread-plugin-0:8.1.4-1.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/acroread-plugin@8.1.4-1?arch=i386"
}
}
},
{
"category": "product_version",
"name": "acroread-0:8.1.4-1.i386",
"product": {
"name": "acroread-0:8.1.4-1.i386",
"product_id": "acroread-0:8.1.4-1.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/acroread@8.1.4-1?arch=i386"
}
}
}
],
"category": "architecture",
"name": "i386"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-0:8.1.4-1.i386 as a component of Red Hat Enterprise Linux AS version 3 Extras",
"product_id": "3AS-LACD:acroread-0:8.1.4-1.i386"
},
"product_reference": "acroread-0:8.1.4-1.i386",
"relates_to_product_reference": "3AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-plugin-0:8.1.4-1.i386 as a component of Red Hat Enterprise Linux AS version 3 Extras",
"product_id": "3AS-LACD:acroread-plugin-0:8.1.4-1.i386"
},
"product_reference": "acroread-plugin-0:8.1.4-1.i386",
"relates_to_product_reference": "3AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-0:8.1.4-1.i386 as a component of Red Hat Desktop version 3 Extras",
"product_id": "3Desktop-LACD:acroread-0:8.1.4-1.i386"
},
"product_reference": "acroread-0:8.1.4-1.i386",
"relates_to_product_reference": "3Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-plugin-0:8.1.4-1.i386 as a component of Red Hat Desktop version 3 Extras",
"product_id": "3Desktop-LACD:acroread-plugin-0:8.1.4-1.i386"
},
"product_reference": "acroread-plugin-0:8.1.4-1.i386",
"relates_to_product_reference": "3Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-0:8.1.4-1.i386 as a component of Red Hat Enterprise Linux ES version 3 Extras",
"product_id": "3ES-LACD:acroread-0:8.1.4-1.i386"
},
"product_reference": "acroread-0:8.1.4-1.i386",
"relates_to_product_reference": "3ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-plugin-0:8.1.4-1.i386 as a component of Red Hat Enterprise Linux ES version 3 Extras",
"product_id": "3ES-LACD:acroread-plugin-0:8.1.4-1.i386"
},
"product_reference": "acroread-plugin-0:8.1.4-1.i386",
"relates_to_product_reference": "3ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-0:8.1.4-1.i386 as a component of Red Hat Enterprise Linux WS version 3 Extras",
"product_id": "3WS-LACD:acroread-0:8.1.4-1.i386"
},
"product_reference": "acroread-0:8.1.4-1.i386",
"relates_to_product_reference": "3WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-plugin-0:8.1.4-1.i386 as a component of Red Hat Enterprise Linux WS version 3 Extras",
"product_id": "3WS-LACD:acroread-plugin-0:8.1.4-1.i386"
},
"product_reference": "acroread-plugin-0:8.1.4-1.i386",
"relates_to_product_reference": "3WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-0:8.1.4-1.el4.i386 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:acroread-0:8.1.4-1.el4.i386"
},
"product_reference": "acroread-0:8.1.4-1.el4.i386",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-plugin-0:8.1.4-1.el4.i386 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:acroread-plugin-0:8.1.4-1.el4.i386"
},
"product_reference": "acroread-plugin-0:8.1.4-1.el4.i386",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-0:8.1.4-1.el4.i386 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:acroread-0:8.1.4-1.el4.i386"
},
"product_reference": "acroread-0:8.1.4-1.el4.i386",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-plugin-0:8.1.4-1.el4.i386 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:acroread-plugin-0:8.1.4-1.el4.i386"
},
"product_reference": "acroread-plugin-0:8.1.4-1.el4.i386",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-0:8.1.4-1.el4.i386 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:acroread-0:8.1.4-1.el4.i386"
},
"product_reference": "acroread-0:8.1.4-1.el4.i386",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-plugin-0:8.1.4-1.el4.i386 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:acroread-plugin-0:8.1.4-1.el4.i386"
},
"product_reference": "acroread-plugin-0:8.1.4-1.el4.i386",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-0:8.1.4-1.el4.i386 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:acroread-0:8.1.4-1.el4.i386"
},
"product_reference": "acroread-0:8.1.4-1.el4.i386",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-plugin-0:8.1.4-1.el4.i386 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:acroread-plugin-0:8.1.4-1.el4.i386"
},
"product_reference": "acroread-plugin-0:8.1.4-1.el4.i386",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-0:8.1.4-1.el5.i386 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:acroread-0:8.1.4-1.el5.i386"
},
"product_reference": "acroread-0:8.1.4-1.el5.i386",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-plugin-0:8.1.4-1.el5.i386 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:acroread-plugin-0:8.1.4-1.el5.i386"
},
"product_reference": "acroread-plugin-0:8.1.4-1.el5.i386",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-0:8.1.4-1.el5.i386 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:acroread-0:8.1.4-1.el5.i386"
},
"product_reference": "acroread-0:8.1.4-1.el5.i386",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-plugin-0:8.1.4-1.el5.i386 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:acroread-plugin-0:8.1.4-1.el5.i386"
},
"product_reference": "acroread-plugin-0:8.1.4-1.el5.i386",
"relates_to_product_reference": "5Server-Supplementary"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2009-0193",
"discovery_date": "2009-02-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "486928"
}
],
"notes": [
{
"category": "description",
"text": "Heap-based buffer overflow in Adobe Acrobat Reader 9 before 9.1, 8 before 8.1.4, and 7 before 7.1.1 allows remote attackers to execute arbitrary code via a PDF file with a malformed JBIG2 symbol dictionary segment, a different vulnerability than CVE-2009-1061 and CVE-2009-1062.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "acroread: multiple JBIG2-related security flaws",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"3AS-LACD:acroread-0:8.1.4-1.i386",
"3AS-LACD:acroread-plugin-0:8.1.4-1.i386",
"3Desktop-LACD:acroread-0:8.1.4-1.i386",
"3Desktop-LACD:acroread-plugin-0:8.1.4-1.i386",
"3ES-LACD:acroread-0:8.1.4-1.i386",
"3ES-LACD:acroread-plugin-0:8.1.4-1.i386",
"3WS-LACD:acroread-0:8.1.4-1.i386",
"3WS-LACD:acroread-plugin-0:8.1.4-1.i386",
"4AS-LACD:acroread-0:8.1.4-1.el4.i386",
"4AS-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"4Desktop-LACD:acroread-0:8.1.4-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"4ES-LACD:acroread-0:8.1.4-1.el4.i386",
"4ES-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"4WS-LACD:acroread-0:8.1.4-1.el4.i386",
"4WS-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"5Client-Supplementary:acroread-0:8.1.4-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:8.1.4-1.el5.i386",
"5Server-Supplementary:acroread-0:8.1.4-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:8.1.4-1.el5.i386"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2009-0193"
},
{
"category": "external",
"summary": "RHBZ#486928",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=486928"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2009-0193",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-0193"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-0193",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2009-0193"
}
],
"release_date": "2009-02-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2009-03-25T13:48:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"3AS-LACD:acroread-0:8.1.4-1.i386",
"3AS-LACD:acroread-plugin-0:8.1.4-1.i386",
"3Desktop-LACD:acroread-0:8.1.4-1.i386",
"3Desktop-LACD:acroread-plugin-0:8.1.4-1.i386",
"3ES-LACD:acroread-0:8.1.4-1.i386",
"3ES-LACD:acroread-plugin-0:8.1.4-1.i386",
"3WS-LACD:acroread-0:8.1.4-1.i386",
"3WS-LACD:acroread-plugin-0:8.1.4-1.i386",
"4AS-LACD:acroread-0:8.1.4-1.el4.i386",
"4AS-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"4Desktop-LACD:acroread-0:8.1.4-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"4ES-LACD:acroread-0:8.1.4-1.el4.i386",
"4ES-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"4WS-LACD:acroread-0:8.1.4-1.el4.i386",
"4WS-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"5Client-Supplementary:acroread-0:8.1.4-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:8.1.4-1.el5.i386",
"5Server-Supplementary:acroread-0:8.1.4-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:8.1.4-1.el5.i386"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2009:0376"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"3AS-LACD:acroread-0:8.1.4-1.i386",
"3AS-LACD:acroread-plugin-0:8.1.4-1.i386",
"3Desktop-LACD:acroread-0:8.1.4-1.i386",
"3Desktop-LACD:acroread-plugin-0:8.1.4-1.i386",
"3ES-LACD:acroread-0:8.1.4-1.i386",
"3ES-LACD:acroread-plugin-0:8.1.4-1.i386",
"3WS-LACD:acroread-0:8.1.4-1.i386",
"3WS-LACD:acroread-plugin-0:8.1.4-1.i386",
"4AS-LACD:acroread-0:8.1.4-1.el4.i386",
"4AS-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"4Desktop-LACD:acroread-0:8.1.4-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"4ES-LACD:acroread-0:8.1.4-1.el4.i386",
"4ES-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"4WS-LACD:acroread-0:8.1.4-1.el4.i386",
"4WS-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"5Client-Supplementary:acroread-0:8.1.4-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:8.1.4-1.el5.i386",
"5Server-Supplementary:acroread-0:8.1.4-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:8.1.4-1.el5.i386"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "acroread: multiple JBIG2-related security flaws"
},
{
"cve": "CVE-2009-0658",
"discovery_date": "2009-02-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "486928"
}
],
"notes": [
{
"category": "description",
"text": "Buffer overflow in Adobe Reader 9.0 and earlier, and Acrobat 9.0 and earlier, allows remote attackers to execute arbitrary code via a crafted PDF document, related to a non-JavaScript function call and possibly an embedded JBIG2 image stream, as exploited in the wild in February 2009 by Trojan.Pidief.E.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "acroread: multiple JBIG2-related security flaws",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"3AS-LACD:acroread-0:8.1.4-1.i386",
"3AS-LACD:acroread-plugin-0:8.1.4-1.i386",
"3Desktop-LACD:acroread-0:8.1.4-1.i386",
"3Desktop-LACD:acroread-plugin-0:8.1.4-1.i386",
"3ES-LACD:acroread-0:8.1.4-1.i386",
"3ES-LACD:acroread-plugin-0:8.1.4-1.i386",
"3WS-LACD:acroread-0:8.1.4-1.i386",
"3WS-LACD:acroread-plugin-0:8.1.4-1.i386",
"4AS-LACD:acroread-0:8.1.4-1.el4.i386",
"4AS-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"4Desktop-LACD:acroread-0:8.1.4-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"4ES-LACD:acroread-0:8.1.4-1.el4.i386",
"4ES-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"4WS-LACD:acroread-0:8.1.4-1.el4.i386",
"4WS-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"5Client-Supplementary:acroread-0:8.1.4-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:8.1.4-1.el5.i386",
"5Server-Supplementary:acroread-0:8.1.4-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:8.1.4-1.el5.i386"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2009-0658"
},
{
"category": "external",
"summary": "RHBZ#486928",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=486928"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2009-0658",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-0658"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-0658",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2009-0658"
}
],
"release_date": "2009-02-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2009-03-25T13:48:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"3AS-LACD:acroread-0:8.1.4-1.i386",
"3AS-LACD:acroread-plugin-0:8.1.4-1.i386",
"3Desktop-LACD:acroread-0:8.1.4-1.i386",
"3Desktop-LACD:acroread-plugin-0:8.1.4-1.i386",
"3ES-LACD:acroread-0:8.1.4-1.i386",
"3ES-LACD:acroread-plugin-0:8.1.4-1.i386",
"3WS-LACD:acroread-0:8.1.4-1.i386",
"3WS-LACD:acroread-plugin-0:8.1.4-1.i386",
"4AS-LACD:acroread-0:8.1.4-1.el4.i386",
"4AS-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"4Desktop-LACD:acroread-0:8.1.4-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"4ES-LACD:acroread-0:8.1.4-1.el4.i386",
"4ES-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"4WS-LACD:acroread-0:8.1.4-1.el4.i386",
"4WS-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"5Client-Supplementary:acroread-0:8.1.4-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:8.1.4-1.el5.i386",
"5Server-Supplementary:acroread-0:8.1.4-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:8.1.4-1.el5.i386"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2009:0376"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"3AS-LACD:acroread-0:8.1.4-1.i386",
"3AS-LACD:acroread-plugin-0:8.1.4-1.i386",
"3Desktop-LACD:acroread-0:8.1.4-1.i386",
"3Desktop-LACD:acroread-plugin-0:8.1.4-1.i386",
"3ES-LACD:acroread-0:8.1.4-1.i386",
"3ES-LACD:acroread-plugin-0:8.1.4-1.i386",
"3WS-LACD:acroread-0:8.1.4-1.i386",
"3WS-LACD:acroread-plugin-0:8.1.4-1.i386",
"4AS-LACD:acroread-0:8.1.4-1.el4.i386",
"4AS-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"4Desktop-LACD:acroread-0:8.1.4-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"4ES-LACD:acroread-0:8.1.4-1.el4.i386",
"4ES-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"4WS-LACD:acroread-0:8.1.4-1.el4.i386",
"4WS-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"5Client-Supplementary:acroread-0:8.1.4-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:8.1.4-1.el5.i386",
"5Server-Supplementary:acroread-0:8.1.4-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:8.1.4-1.el5.i386"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "acroread: multiple JBIG2-related security flaws"
},
{
"cve": "CVE-2009-0928",
"discovery_date": "2009-02-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "486928"
}
],
"notes": [
{
"category": "description",
"text": "Heap-based buffer overflow in Adobe Acrobat Reader and Acrobat Professional 7.1.0, 8.1.3, 9.0.0, and other versions allows remote attackers to execute arbitrary code via a PDF file containing a JBIG2 stream with a size inconsistency related to an unspecified table.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "acroread: multiple JBIG2-related security flaws",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"3AS-LACD:acroread-0:8.1.4-1.i386",
"3AS-LACD:acroread-plugin-0:8.1.4-1.i386",
"3Desktop-LACD:acroread-0:8.1.4-1.i386",
"3Desktop-LACD:acroread-plugin-0:8.1.4-1.i386",
"3ES-LACD:acroread-0:8.1.4-1.i386",
"3ES-LACD:acroread-plugin-0:8.1.4-1.i386",
"3WS-LACD:acroread-0:8.1.4-1.i386",
"3WS-LACD:acroread-plugin-0:8.1.4-1.i386",
"4AS-LACD:acroread-0:8.1.4-1.el4.i386",
"4AS-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"4Desktop-LACD:acroread-0:8.1.4-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"4ES-LACD:acroread-0:8.1.4-1.el4.i386",
"4ES-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"4WS-LACD:acroread-0:8.1.4-1.el4.i386",
"4WS-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"5Client-Supplementary:acroread-0:8.1.4-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:8.1.4-1.el5.i386",
"5Server-Supplementary:acroread-0:8.1.4-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:8.1.4-1.el5.i386"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2009-0928"
},
{
"category": "external",
"summary": "RHBZ#486928",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=486928"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2009-0928",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-0928"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-0928",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2009-0928"
}
],
"release_date": "2009-02-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2009-03-25T13:48:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"3AS-LACD:acroread-0:8.1.4-1.i386",
"3AS-LACD:acroread-plugin-0:8.1.4-1.i386",
"3Desktop-LACD:acroread-0:8.1.4-1.i386",
"3Desktop-LACD:acroread-plugin-0:8.1.4-1.i386",
"3ES-LACD:acroread-0:8.1.4-1.i386",
"3ES-LACD:acroread-plugin-0:8.1.4-1.i386",
"3WS-LACD:acroread-0:8.1.4-1.i386",
"3WS-LACD:acroread-plugin-0:8.1.4-1.i386",
"4AS-LACD:acroread-0:8.1.4-1.el4.i386",
"4AS-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"4Desktop-LACD:acroread-0:8.1.4-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"4ES-LACD:acroread-0:8.1.4-1.el4.i386",
"4ES-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"4WS-LACD:acroread-0:8.1.4-1.el4.i386",
"4WS-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"5Client-Supplementary:acroread-0:8.1.4-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:8.1.4-1.el5.i386",
"5Server-Supplementary:acroread-0:8.1.4-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:8.1.4-1.el5.i386"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2009:0376"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"3AS-LACD:acroread-0:8.1.4-1.i386",
"3AS-LACD:acroread-plugin-0:8.1.4-1.i386",
"3Desktop-LACD:acroread-0:8.1.4-1.i386",
"3Desktop-LACD:acroread-plugin-0:8.1.4-1.i386",
"3ES-LACD:acroread-0:8.1.4-1.i386",
"3ES-LACD:acroread-plugin-0:8.1.4-1.i386",
"3WS-LACD:acroread-0:8.1.4-1.i386",
"3WS-LACD:acroread-plugin-0:8.1.4-1.i386",
"4AS-LACD:acroread-0:8.1.4-1.el4.i386",
"4AS-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"4Desktop-LACD:acroread-0:8.1.4-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"4ES-LACD:acroread-0:8.1.4-1.el4.i386",
"4ES-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"4WS-LACD:acroread-0:8.1.4-1.el4.i386",
"4WS-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"5Client-Supplementary:acroread-0:8.1.4-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:8.1.4-1.el5.i386",
"5Server-Supplementary:acroread-0:8.1.4-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:8.1.4-1.el5.i386"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "acroread: multiple JBIG2-related security flaws"
},
{
"cve": "CVE-2009-1061",
"discovery_date": "2009-02-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "486928"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Adobe Acrobat Reader 9 before 9.1, 8 before 8.1.4, and 7 before 7.1.1 might allow remote attackers to execute arbitrary code via unknown attack vectors related to JBIG2 and \"input validation,\" a different vulnerability than CVE-2009-0193 and CVE-2009-1062.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "acroread: multiple JBIG2-related security flaws",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"3AS-LACD:acroread-0:8.1.4-1.i386",
"3AS-LACD:acroread-plugin-0:8.1.4-1.i386",
"3Desktop-LACD:acroread-0:8.1.4-1.i386",
"3Desktop-LACD:acroread-plugin-0:8.1.4-1.i386",
"3ES-LACD:acroread-0:8.1.4-1.i386",
"3ES-LACD:acroread-plugin-0:8.1.4-1.i386",
"3WS-LACD:acroread-0:8.1.4-1.i386",
"3WS-LACD:acroread-plugin-0:8.1.4-1.i386",
"4AS-LACD:acroread-0:8.1.4-1.el4.i386",
"4AS-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"4Desktop-LACD:acroread-0:8.1.4-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"4ES-LACD:acroread-0:8.1.4-1.el4.i386",
"4ES-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"4WS-LACD:acroread-0:8.1.4-1.el4.i386",
"4WS-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"5Client-Supplementary:acroread-0:8.1.4-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:8.1.4-1.el5.i386",
"5Server-Supplementary:acroread-0:8.1.4-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:8.1.4-1.el5.i386"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2009-1061"
},
{
"category": "external",
"summary": "RHBZ#486928",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=486928"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2009-1061",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-1061"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-1061",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2009-1061"
}
],
"release_date": "2009-02-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2009-03-25T13:48:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"3AS-LACD:acroread-0:8.1.4-1.i386",
"3AS-LACD:acroread-plugin-0:8.1.4-1.i386",
"3Desktop-LACD:acroread-0:8.1.4-1.i386",
"3Desktop-LACD:acroread-plugin-0:8.1.4-1.i386",
"3ES-LACD:acroread-0:8.1.4-1.i386",
"3ES-LACD:acroread-plugin-0:8.1.4-1.i386",
"3WS-LACD:acroread-0:8.1.4-1.i386",
"3WS-LACD:acroread-plugin-0:8.1.4-1.i386",
"4AS-LACD:acroread-0:8.1.4-1.el4.i386",
"4AS-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"4Desktop-LACD:acroread-0:8.1.4-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"4ES-LACD:acroread-0:8.1.4-1.el4.i386",
"4ES-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"4WS-LACD:acroread-0:8.1.4-1.el4.i386",
"4WS-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"5Client-Supplementary:acroread-0:8.1.4-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:8.1.4-1.el5.i386",
"5Server-Supplementary:acroread-0:8.1.4-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:8.1.4-1.el5.i386"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2009:0376"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"3AS-LACD:acroread-0:8.1.4-1.i386",
"3AS-LACD:acroread-plugin-0:8.1.4-1.i386",
"3Desktop-LACD:acroread-0:8.1.4-1.i386",
"3Desktop-LACD:acroread-plugin-0:8.1.4-1.i386",
"3ES-LACD:acroread-0:8.1.4-1.i386",
"3ES-LACD:acroread-plugin-0:8.1.4-1.i386",
"3WS-LACD:acroread-0:8.1.4-1.i386",
"3WS-LACD:acroread-plugin-0:8.1.4-1.i386",
"4AS-LACD:acroread-0:8.1.4-1.el4.i386",
"4AS-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"4Desktop-LACD:acroread-0:8.1.4-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"4ES-LACD:acroread-0:8.1.4-1.el4.i386",
"4ES-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"4WS-LACD:acroread-0:8.1.4-1.el4.i386",
"4WS-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"5Client-Supplementary:acroread-0:8.1.4-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:8.1.4-1.el5.i386",
"5Server-Supplementary:acroread-0:8.1.4-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:8.1.4-1.el5.i386"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "acroread: multiple JBIG2-related security flaws"
},
{
"cve": "CVE-2009-1062",
"discovery_date": "2009-02-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "486928"
}
],
"notes": [
{
"category": "description",
"text": "Adobe Acrobat Reader 9 before 9.1, 8 before 8.1.4, and 7 before 7.1.1 might allow remote attackers to trigger memory corruption and possibly execute arbitrary code via unknown attack vectors related to JBIG2, a different vulnerability than CVE-2009-0193 and CVE-2009-1061.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "acroread: multiple JBIG2-related security flaws",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"3AS-LACD:acroread-0:8.1.4-1.i386",
"3AS-LACD:acroread-plugin-0:8.1.4-1.i386",
"3Desktop-LACD:acroread-0:8.1.4-1.i386",
"3Desktop-LACD:acroread-plugin-0:8.1.4-1.i386",
"3ES-LACD:acroread-0:8.1.4-1.i386",
"3ES-LACD:acroread-plugin-0:8.1.4-1.i386",
"3WS-LACD:acroread-0:8.1.4-1.i386",
"3WS-LACD:acroread-plugin-0:8.1.4-1.i386",
"4AS-LACD:acroread-0:8.1.4-1.el4.i386",
"4AS-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"4Desktop-LACD:acroread-0:8.1.4-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"4ES-LACD:acroread-0:8.1.4-1.el4.i386",
"4ES-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"4WS-LACD:acroread-0:8.1.4-1.el4.i386",
"4WS-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"5Client-Supplementary:acroread-0:8.1.4-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:8.1.4-1.el5.i386",
"5Server-Supplementary:acroread-0:8.1.4-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:8.1.4-1.el5.i386"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2009-1062"
},
{
"category": "external",
"summary": "RHBZ#486928",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=486928"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2009-1062",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-1062"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-1062",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2009-1062"
}
],
"release_date": "2009-02-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2009-03-25T13:48:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"3AS-LACD:acroread-0:8.1.4-1.i386",
"3AS-LACD:acroread-plugin-0:8.1.4-1.i386",
"3Desktop-LACD:acroread-0:8.1.4-1.i386",
"3Desktop-LACD:acroread-plugin-0:8.1.4-1.i386",
"3ES-LACD:acroread-0:8.1.4-1.i386",
"3ES-LACD:acroread-plugin-0:8.1.4-1.i386",
"3WS-LACD:acroread-0:8.1.4-1.i386",
"3WS-LACD:acroread-plugin-0:8.1.4-1.i386",
"4AS-LACD:acroread-0:8.1.4-1.el4.i386",
"4AS-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"4Desktop-LACD:acroread-0:8.1.4-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"4ES-LACD:acroread-0:8.1.4-1.el4.i386",
"4ES-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"4WS-LACD:acroread-0:8.1.4-1.el4.i386",
"4WS-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"5Client-Supplementary:acroread-0:8.1.4-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:8.1.4-1.el5.i386",
"5Server-Supplementary:acroread-0:8.1.4-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:8.1.4-1.el5.i386"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2009:0376"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"3AS-LACD:acroread-0:8.1.4-1.i386",
"3AS-LACD:acroread-plugin-0:8.1.4-1.i386",
"3Desktop-LACD:acroread-0:8.1.4-1.i386",
"3Desktop-LACD:acroread-plugin-0:8.1.4-1.i386",
"3ES-LACD:acroread-0:8.1.4-1.i386",
"3ES-LACD:acroread-plugin-0:8.1.4-1.i386",
"3WS-LACD:acroread-0:8.1.4-1.i386",
"3WS-LACD:acroread-plugin-0:8.1.4-1.i386",
"4AS-LACD:acroread-0:8.1.4-1.el4.i386",
"4AS-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"4Desktop-LACD:acroread-0:8.1.4-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"4ES-LACD:acroread-0:8.1.4-1.el4.i386",
"4ES-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"4WS-LACD:acroread-0:8.1.4-1.el4.i386",
"4WS-LACD:acroread-plugin-0:8.1.4-1.el4.i386",
"5Client-Supplementary:acroread-0:8.1.4-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:8.1.4-1.el5.i386",
"5Server-Supplementary:acroread-0:8.1.4-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:8.1.4-1.el5.i386"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "acroread: multiple JBIG2-related security flaws"
}
]
}
Sightings
| Author | Source | Type | Date | Other |
|---|---|---|---|---|
Nomenclature (sighting types)
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.