6.8 - CVE-2009-1493

Executive Summary

Informations
Name	CVE-2009-1493	First vendor Publication	2009-04-30
Vendor	Cve	Last vendor Modification	2017-09-29

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA

Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:P/I:P/A:P)
Cvss Base Score	6.8	Attack Range	Network
Cvss Impact Score	6.4	Attack Complexity	Medium
Cvss Expoit Score	8.6	Authentication	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

The customDictionaryOpen spell method in the JavaScript API in Adobe Reader 9.1, 8.1.4, 7.1.1, and earlier on Linux and UNIX allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a PDF file that triggers a call to this method with a long string in the second argument.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1493

CWE : Common Weakness Enumeration

%	Id	Name
100 %	CWE-399	Resource Management Errors

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:22282

Oval ID:	oval:org.mitre.oval:def:22282
Title:	ELSA-2009:0478: acroread security update (Critical)
Description:	The customDictionaryOpen spell method in the JavaScript API in Adobe Reader 9.1, 8.1.4, 7.1.1, and earlier on Linux and UNIX allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a PDF file that triggers a call to this method with a long string in the second argument.
Family:	unix	Class:	patch
Reference(s):	ELSA-2009:0478-01 CVE-2009-1492 CVE-2009-1493	Version:	13
Platform(s):	Oracle Linux 5	Product(s):	acroread
Definition Synopsis:
Oracle Linux 5.x rpm test acroread-plugin is earlier than 0:8.1.5-1.el5 AND acroread is earlier than 0:8.1.5-1.el5

CPE : Common Platform Enumeration

Type	Description	Count
Application	Adobe Reader cpe:2.3:a:adobe:reader:9.1:::::::* cpe:2.3:a:adobe:reader:8.1.4:::::::*	2

SAINT Exploits

Description	Link
Adobe Reader Javascript API spell.customDictonaryOpen memory corruption	More info here

OpenVAS Exploits

Date	Description
2009-10-13	Name : Solaris Update for Adobe Acrobat Reader 121104-10 File : nvt/gb_solaris_121104_10.nasl
2009-07-29	Name : Gentoo Security Advisory GLSA 200907-06 (acroread) File : nvt/glsa_200907_06.nasl
2009-06-15	Name : SuSE Security Summary SUSE-SR:2009:011 File : nvt/suse_sr_2009_011.nasl
2009-05-25	Name : SuSE Security Advisory SUSE-SA:2009:027 (acroread) File : nvt/suse_sa_2009_027.nasl
2009-05-20	Name : RedHat Security Advisory RHSA-2009:0478 File : nvt/RHSA_2009_0478.nasl
2009-05-11	Name : Adobe Reader Denial of Service Vulnerability (May09) File : nvt/gb_adobe_reader_dos_vuln_may09_lin.nasl

Open Source Vulnerability Database (OSVDB)

Id	Description
54129	Adobe Reader customDictionaryOpen() JavaScript Method PDF Handling Memory Cor...

Snort® IPS/IDS

Date	Description
2014-01-10	Adobe Acrobat Reader spell.customDictionaryOpen exploit attempt RuleID : 23500 - Revision : 5 - Type : FILE-PDF
2014-01-10	Adobe Acrobat Reader spell.customDictionaryOpen exploit attempt RuleID : 15492 - Revision : 15 - Type : FILE-PDF

Nessus® Vulnerability Scanner

Date	Description
2011-01-27	Name : The remote SuSE 10 host is missing a security-related patch. File : suse_acroread-6260.nasl - Type : ACT_GATHER_INFO
2011-01-27	Name : The remote SuSE 10 host is missing a security-related patch. File : suse_acroread_ja-6264.nasl - Type : ACT_GATHER_INFO
2009-09-24	Name : The remote SuSE 11 host is missing a security update. File : suse_11_acroread-090519.nasl - Type : ACT_GATHER_INFO
2009-09-24	Name : The remote SuSE 11 host is missing a security update. File : suse_11_acroread_ja-090519.nasl - Type : ACT_GATHER_INFO
2009-08-28	Name : The version of Adobe Acrobat on the remote Windows host is affected by a memo... File : adobe_acrobat_911.nasl - Type : ACT_GATHER_INFO
2009-08-24	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-0478.nasl - Type : ACT_GATHER_INFO
2009-07-21	Name : The remote openSUSE host is missing a security update. File : suse_11_0_acroread-090519.nasl - Type : ACT_GATHER_INFO
2009-07-21	Name : The remote openSUSE host is missing a security update. File : suse_11_1_acroread-090519.nasl - Type : ACT_GATHER_INFO
2009-07-13	Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200907-06.nasl - Type : ACT_GATHER_INFO
2009-05-22	Name : The remote openSUSE host is missing a security update. File : suse_acroread-6258.nasl - Type : ACT_GATHER_INFO
2009-05-13	Name : The PDF file viewer on the remote Windows host is affected by a memory corrup... File : adobe_reader_911.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

Source	Url
BID	http://www.securityfocus.com/bid/34740
CERT	http://www.us-cert.gov/cas/techalerts/TA09-133B.html
CERT-VN	http://www.kb.cert.org/vuls/id/970180
CONFIRM	http://blogs.adobe.com/psirt/2009/05/adobe_reader_issue_update.html http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=926953 http://www.adobe.com/support/security/bulletins/apsb09-06.html
EXPLOIT-DB	https://www.exploit-db.com/exploits/8570
GENTOO	http://security.gentoo.org/glsa/glsa-200907-06.xml
MISC	http://blogs.adobe.com/psirt/2009/04/update_on_adobe_reader_issue.html http://packetstorm.linuxsecurity.com/0904-exploits/spell.txt
OSVDB	http://osvdb.org/54129
REDHAT	http://www.redhat.com/support/errata/RHSA-2009-0478.html
SECTRACK	http://www.securitytracker.com/id?1022139
SECUNIA	http://secunia.com/advisories/34924 http://secunia.com/advisories/35055 http://secunia.com/advisories/35096 http://secunia.com/advisories/35152 http://secunia.com/advisories/35358 http://secunia.com/advisories/35416 http://secunia.com/advisories/35734
SUNALERT	http://sunsolve.sun.com/search/document.do?assetkey=1-66-259028-1
SUSE	http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.html
VUPEN	http://www.vupen.com/english/advisories/2009/1189 http://www.vupen.com/english/advisories/2009/1317
XF	https://exchange.xforce.ibmcloud.com/vulnerabilities/50146

Alert History

If you want to see full details history, please login or register.

Date	Informations
2020-05-23 00:23:43	Multiple Updates
2017-09-29 09:24:12	Multiple Updates
2017-08-17 09:22:34	Multiple Updates
2016-06-28 17:40:34	Multiple Updates
2016-04-26 18:47:43	Multiple Updates
2014-02-17 10:49:52	Multiple Updates
2014-01-19 21:25:51	Multiple Updates
2013-05-10 23:49:43	Multiple Updates

Global Informations

Type	Count
CWE ID(s)	1
Oval ID(s)	1
CPE ID(s)	2
Sources(s)	26
Saint Exploit(s)	1
osvdb(s)	1
Openvas Exploit(s)	6
Snort® Rule(s)	2
Nessus® Exploit(s)	11

	Related
10	GLSA-200907-06
9.3	VU#970180
9.3	TA09-133B
9.3	SUN-259028
9.3	RHSA-2009:0478
Info : listing not affected by your CVSS Env Score

Same Subject	Severity
Login to view 5 more Alert(s)