CVE-2009-0198 - Computer security: vulnerabilities and exploits database

[EN] securityvulns.ru
no-pyccku

CVE CVE-2009-0198
Status UNKNOWN
Description Heap-based buffer overflow in the JBIG2 filter in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Reader 9 and Acrobat 9 before 9.1.2 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted PDF file that contains JBIG2 text region segments with Huffman encoding.
Severity High
CVSS score 9,3
CVSS vector (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Phase ASSIGNED (04.05.2010)
NVD: http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0198
References BID : 35274
BID : 35302
BUGTRAQ : 20090610 Secunia Research: Adobe Reader JBIG2 Text Region Segment Buffer Overflow
CERT : TA09-161A
CONFIRM : http://www.adobe.com/support/security/bulletins/ap...
GENTOO : GLSA-200907-06
MISC : http://secunia.com/secunia_research/2009-24/
REDHAT : RHSA-2009:1109
SECTRACK : 1022361
SECUNIA : 34580
SECUNIA : 35496
SECUNIA : 35655
SECUNIA : 35685
SECUNIA : 35734
SUSE : SUSE-SA:2009:035
SUSE : SUSE-SR:2009:012
VUPEN : ADV-2009-1547
XF : reader-acrobat-jbig2-code-exec(51015)
SecurityVulns: Adobe Acrobat / Reader code execution

test server