Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:22000
HistoryJun 14, 2009 - 12:00 a.m.

VUPEN Security - Adobe Acrobat and Reader JBIG2 Filter Heap Overflow Vulnerability

2009-06-1400:00:00
vulners.com
23
JSON

VUPEN Security Research Advisory - VUPEN-SR-2009-04

Advisory URL: http://www.vupen.com/english/advisories/2009/1547

June 10, 2009

I. BACKGROUND

Adobe Acrobat is a family of computer programs developed by Adobe
Systems, designed to view, create, manipulate and manage files in
Adobe's Portable Document Format (PDF).

II. DESCRIPTION

VUPEN Security discovered a critical vulnerability affecting Adobe
Acrobat and Reader.

This vulnerability is caused by an integer overflow error within the
JBIG2 filter when processing certain data streams within a PDF file,
which could allow attackers to cause a heap overflow and execute
arbitrary code by tricking a user into opening a specially crafted
document.

III. AFFECTED PRODUCTS

Adobe Reader versions prior to 9.1.2
Adobe Reader versions prior to 8.1.6
Adobe Reader versions prior to 7.1.3
Adobe Acrobat Standard versions prior to 9.1.2
Adobe Acrobat Pro versions prior to 9.1.2
Adobe Acrobat Pro Extended versions prior to 9.1.2
Adobe Acrobat versions prior to 8.1.6
Adobe Acrobat versions prior to 7.1.3

IV. Exploit - PoC & Binary Analysis

A proof-of-concept exploit has have been developed by VUPEN Security
and is available with the in-depth binary analysis of the vulnerability
through the VUPEN Exploits & PoCs Service.

http://www.vupen.com/exploits

V. SOLUTION

Upgrade to Adobe Reader and Acrobat version 9.1.2, 8.1.6 and 7.1.3 :
http://www.adobe.com/support/security/bulletins/apsb09-07.html

VI. CREDIT

Thse vulnerability was discovered by Nicolas JOLY of VUPEN Security

VII. REFERENCES

http://www.vupen.com/english/advisories/2009/1547
http://www.adobe.com/support/security/bulletins/apsb09-07.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0509

VIII. DISCLOSURE TIMELINE

07/05/2009 - Vendor notified
07/05/2009 - Vendor response
05/06/2009 - Status update received
10/06/2009 - Coordinated public Disclosure

Related

prion 1
cve 1
checkpoint_advisories 3
ubuntucve 1
securityvulns 1
openvas 12
nessus 11
suse 1
threatpost 1
redhat 1
gentoo 1
prion
prion
Heap overflow
2009-06-11 15:30:00
cve
cve
CVE-2009-0509
2009-06-11 15:30:00
checkpoint_advisories
checkpoint_advisories
Adobe Reader JBIG2 Text Region Integer Overflow (APSB09-07; CVE-2009-0509)
2009-06-15 00:00:00
Adobe Reader JBIG2 Page Information Integer Overflow (APSB09-07; CVE-2009-0509)
2009-06-15 00:00:00
Adobe Reader PDF Documents Containing Embedded JBIG2 Streams (CVE-2009-0509; CVE-2009-0510; CVE-2009-0511; CVE-2009-0512)
2009-06-10 00:00:00
ubuntucve
ubuntucve
CVE-2009-0509
2009-06-11 00:00:00
securityvulns
securityvulns
Adobe Acrobat / Reader code execution
2009-09-04 00:00:00
openvas
openvas
SuSE Security Advisory SUSE-SA:2009:035 (acroread)
2009-07-06 00:00:00
SuSE Security Advisory SUSE-SA:2009:035 (acroread)
2009-07-06 00:00:00
Adobe Reader/Acrobat Multiple BOF Vulnerabilities - Jun09 (Windows)
2009-06-16 00:00:00
nessus
nessus
SuSE 11 Security Update : acroread_ja (SAT Patch Number 1170)
2009-09-24 00:00:00
SuSE 10 Security Update : Acrobat Reader (ZYPP Patch Number 6331)
2011-01-27 00:00:00
openSUSE Security Update : acroread (acroread-1060)
2009-07-21 00:00:00
suse
suse
remote code execution in acroread
2009-07-01 18:07:59
threatpost
threatpost
Adobe slaps band-aid on 13 security holes
2009-06-09 21:54:04
redhat
redhat
(RHSA-2009:1109) Critical: acroread security update
2009-06-17 00:00:00
gentoo
gentoo
Adobe Reader: User-assisted execution of arbitrary code
2009-07-12 00:00:00
JSON
Related for SECURITYVULNS:DOC:22000
prion1cve1checkpoint_advisories3ubuntucve1securityvulns1openvas12nessus11suse1threatpost1redhat1gentoo1