Computer Security

Adobe reader multiple security vulnerabilities
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



Adobe reader multiple security vulnerabilities
Published:14.05.2009
Source:CERT
SecurityVulns ID:9908
Type:remote
Level:7/10
Description:Vulnerabilities in different jkavascript methods.
Affected:ADOBE : Reader 8.1
 ADOBE : Acrobat 8.1
 ADOBE : Reader 9.1
 ADOBE : Acrobat 9.1
CVE:CVE-2009-1493 (The customDictionaryOpen spell method in the JavaScript API in Adobe Reader 8.1.4 and 9.1 on Linux allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a PDF file that triggers a call to this method with a long string in the second argument.)
 CVE-2009-1492 (The getAnnots Doc method in the JavaScript API in Adobe Reader and Acrobat 9.1, 8.1.4, 7.1.1, and earlier allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a PDF file that contains an annotation, and has an OpenAction entry with JavaScript code that calls this method with crafted integer arguments.)
Original documentdocumentCERT, US-CERT Technical Cyber Security Alert TA09-133B -- Adobe Reader and Acrobat JavaScript Vulnerabilities (14.05.2009)
Discuss:Read or add your comments to this news (0 comments)
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru
test server