Executive Summary



This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Summary
Title Sun Alert 270669 Multiple Security Vulnerabilities in Adobe Reader for Solaris 10 May Allow Execution of Arbitrary Code or Cause Denial of Service (DoS) - Adobe Security Bulletin APSB09-15
Informations
Name SUN-270669 First vendor Publication 2009-10-26
Vendor Sun Last vendor Modification 2009-11-30
Severity (Vendor) N/A Revision N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Cvss Base Score 9.3 Attack Range Network
Cvss Impact Score 10 Attack Complexity Medium
Cvss Expoit Score 8.6 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Product: Solaris 10

Multiple security vulnerabilities in Adobe Reader versions 9.x before 9.1.4, 8.x before 8.1.7 and 7.x before 7.1.4 may allow remote unprivileged users to execute arbitrary code or crash the Adobe Reader application, thereby causing a Denial of Service (DoS) condition. These vulnerabilities may be exploited via specially crafted PDF files.

The following resources document these issues in more detail:

Adobe Security Bulletin APSB09-15 at http://www.adobe.com/support/security/bulletins/apsb09-15.html
CVE-2009-2564 at http://www.security-database.com/detail.php?cve=CVE-2009-2564
CVE-2009-2979 at http://www.security-database.com/detail.php?cve=CVE-2009-2979
CVE-2009-2980 at http://www.security-database.com/detail.php?cve=CVE-2009-2980
CVE-2009-2981 at http://www.security-database.com/detail.php?cve=CVE-2009-2981
CVE-2009-2982 at http://www.security-database.com/detail.php?cve=CVE-2009-2982
CVE-2009-2983 at http://www.security-database.com/detail.php?cve=CVE-2009-2983
CVE-2009-2984 at http://www.security-database.com/detail.php?cve=CVE-2009-2984
CVE-2009-2985 at http://www.security-database.com/detail.php?cve=CVE-2009-2985
CVE-2009-2986 at http://www.security-database.com/detail.php?cve=CVE-2009-2986
CVE-2009-2987 at http://www.security-database.com/detail.php?cve=CVE-2009-2987
CVE-2009-2988 at http://www.security-database.com/detail.php?cve=CVE-2009-2988
CVE-2009-2989 at http://www.security-database.com/detail.php?cve=CVE-2009-2989
CVE-2009-2990 at http://www.security-database.com/detail.php?cve=CVE-2009-2990
CVE-2009-2991 at http://www.security-database.com/detail.php?cve=CVE-2009-2991
CVE-2009-2992 at http://www.security-database.com/detail.php?cve=CVE-2009-2992
CVE-2009-2993 at http://www.security-database.com/detail.php?cve=CVE-2009-2993
CVE-2009-2994 at http://www.security-database.com/detail.php?cve=CVE-2009-2994
CVE-2009-2995 at http://www.security-database.com/detail.php?cve=CVE-2009-2995
CVE-2009-2996 at http://www.security-database.com/detail.php?cve=CVE-2009-2996
CVE-2009-2997 at http://www.security-database.com/detail.php?cve=CVE-2009-2997
CVE-2009-2998 at http://www.security-database.com/detail.php?cve=CVE-2009-2998
CVE-2009-3431 at http://www.security-database.com/detail.php?cve=CVE-2009-3431
CVE-2009-3458 at http://www.security-database.com/detail.php?cve=CVE-2009-3458
CVE-2009-3459 at http://www.security-database.com/detail.php?cve=CVE-2009-3459
CVE-2009-3460 at http://www.security-database.com/detail.php?cve=CVE-2009-3460
CVE-2009-3461 at http://www.security-database.com/detail.php?cve=CVE-2009-3461
CVE-2009-3462 at http://www.security-database.com/detail.php?cve=CVE-2009-3462
CVE-2007-0045 at http://www.security-database.com/detail.php?cve=CVE-2007-0045
CVE-2007-0048 at http://www.security-database.com/detail.php?cve=CVE-2007-0048


State: Resolved
First released: 22-Oct-2009

Original Source

Url : http://blogs.sun.com/security/entry/sun_alert_270669_multiple_security

CWE : Common Weakness Enumeration

% Id Name
26 % CWE-20 Improper Input Validation
22 % CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
17 % CWE-399 Resource Management Errors
17 % CWE-189 Numeric Errors (CWE/SANS Top 25)
9 % CWE-264 Permissions, Privileges, and Access Controls
4 % CWE-310 Cryptographic Issues
4 % CWE-79 Failure to Preserve Web Page Structure ('Cross-site Scripting') (CWE/SANS Top 25)

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:22955
 
Oval ID: oval:org.mitre.oval:def:22955
Title: ELSA-2009:1499: acroread security update (Critical)
Description: Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 on Unix, when Debug mode is enabled, allow attackers to execute arbitrary code via unspecified vectors, related to a "format bug."
Family: unix Class: patch
Reference(s): ELSA-2009:1499-01
CVE-2009-2979
CVE-2009-2980
CVE-2009-2981
CVE-2009-2983
CVE-2009-2985
CVE-2009-2986
CVE-2009-2988
CVE-2009-2990
CVE-2009-2991
CVE-2009-2993
CVE-2009-2994
CVE-2009-2996
CVE-2009-2997
CVE-2009-2998
CVE-2009-3431
CVE-2009-3458
CVE-2009-3459
CVE-2009-3462
Version: 77
Platform(s): Oracle Linux 5
Product(s): acroread
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:5523
 
Oval ID: oval:org.mitre.oval:def:5523
Title: Adobe Reader and Acrobat cause denial of service or possibly execute arbitrary code via unknown vectors
Description: Unspecified vulnerability in the image decoder in Adobe Acrobat 9.x before 9.2, and possibly 7.x through 7.1.4 and 8.x through 8.1.7, allows attackers to cause a denial of service or possibly execute arbitrary code via unknown vectors.
Family: windows Class: vulnerability
Reference(s): CVE-2009-2984
Version: 16
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows 7
Product(s): Adobe Reader
Adobe Acrobat
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:5557
 
Oval ID: oval:org.mitre.oval:def:5557
Title: Adobe Reader and Acrobat might allow remote attackers to execute arbitrary code via unknown vectors.
Description: Unspecified vulnerability in the Mozilla plug-in in Adobe Reader and Acrobat 8.x before 8.1.7, and possibly 7.x before 7.1.4 and 9.x before 9.2, might allow remote attackers to execute arbitrary code via unknown vectors.
Family: windows Class: vulnerability
Reference(s): CVE-2009-2991
Version: 16
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows 7
Product(s): Adobe Reader
Adobe Acrobat
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:5560
 
Oval ID: oval:org.mitre.oval:def:5560
Title: Adobe Reader and Acrobat memory corruption or possibly execute arbitrary code via unspecified vectors
Description: Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 allow attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2009-2985.
Family: windows Class: vulnerability
Reference(s): CVE-2009-2996
Version: 16
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows 7
Product(s): Adobe Reader
Adobe Acrobat
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:5636
 
Oval ID: oval:org.mitre.oval:def:5636
Title: Adobe Reader and Acrobat cause DoS (memory corruption) or execute arbitrary code via unspecified vectors.
Description: Adobe Reader and Acrobat 9.x before 9.2, 8.x before 8.1.7, and possibly 7.x through 7.1.4 allow attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors.
Family: windows Class: vulnerability
Reference(s): CVE-2009-2983
Version: 16
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows 7
Product(s): Adobe Reader
Adobe Acrobat
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:5719
 
Oval ID: oval:org.mitre.oval:def:5719
Title: Adobe Reader and Acrobat getPlus_HelperSvc.exe) local elevation of privileges
Description: NOS Microsystems getPlus Download Manager, as used in Adobe Reader 1.6.2.36 and possibly other versions, Corel getPlus Download Manager before 1.5.0.48, and possibly other products, installs NOS\bin\getPlus_HelperSvc.exe with insecure permissions (Everyone:Full Control), which allows local users to gain SYSTEM privileges by replacing getPlus_HelperSvc.exe with a Trojan horse program, as demonstrated by use of getPlus Download Manager within Adobe Reader. NOTE: within Adobe Reader, the scope of this issue is limited because the program is deleted and the associated service is not automatically launched after a successful installation and reboot.
Family: windows Class: vulnerability
Reference(s): CVE-2009-2564
Version: 16
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows 7
Product(s): Adobe Reader
Adobe Acrobat
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:5822
 
Oval ID: oval:org.mitre.oval:def:5822
Title: Adobe Reader and Acrobat cause Multiple Vulnerabilities
Description: The JavaScript for Acrobat API in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 does not properly implement the (1) Privileged Context and (2) Safe Path restrictions for unspecified JavaScript methods, which allows remote attackers to create arbitrary files, and possibly execute arbitrary code, via the cPath parameter in a crafted PDF file. NOTE: some of these details are obtained from third party information.
Family: windows Class: vulnerability
Reference(s): CVE-2009-2993
Version: 16
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows 7
Product(s): Adobe Reader
Adobe Acrobat
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:5888
 
Oval ID: oval:org.mitre.oval:def:5888
Title: Adobe Reader and Acrobat cause arbitrary code execution via unspecified vectors
Description: Multiple heap-based buffer overflows in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 might allow attackers to execute arbitrary code via unspecified vectors.
Family: windows Class: vulnerability
Reference(s): CVE-2009-2986
Version: 16
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows 7
Product(s): Adobe Reader
Adobe Acrobat
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:5964
 
Oval ID: oval:org.mitre.oval:def:5964
Title: Adobe Reader and Acrobat DoS or possibly execute arbitrary code via unspecified vectors
Description: Integer overflow in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 allows attackers to cause a denial of service or possibly execute arbitrary code via unspecified vectors.
Family: windows Class: vulnerability
Reference(s): CVE-2009-2980
Version: 16
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows 7
Product(s): Adobe Reader
Adobe Acrobat
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6054
 
Oval ID: oval:org.mitre.oval:def:6054
Title: Adobe Reader and Acrobat allows attackers to cause a denial of service via unknown vectors
Description: An unspecified ActiveX control in Adobe Reader and Acrobat 9.x before 9.2, 8.x before 8.1.7, and possibly 7.x through 7.1.4 does not properly validate input, which allows attackers to cause a denial of service via unknown vectors.
Family: windows Class: vulnerability
Reference(s): CVE-2009-2992
Version: 16
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows 7
Product(s): Adobe Reader
Adobe Acrobat
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6145
 
Oval ID: oval:org.mitre.oval:def:6145
Title: Adobe Reader and Acrobat cause DoS and Arbitrary Execution
Description: Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 allow attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2009-2996.
Family: windows Class: vulnerability
Reference(s): CVE-2009-2985
Version: 16
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows 7
Product(s): Adobe Reader
Adobe Acrobat
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6156
 
Oval ID: oval:org.mitre.oval:def:6156
Title: Adobe Reader and Acrobat allow attackers to execute arbitrary code via unspecified vectors
Description: Buffer overflow in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 might allow attackers to execute arbitrary code via unspecified vectors.
Family: windows Class: vulnerability
Reference(s): CVE-2009-2994
Version: 16
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows 7
Product(s): Adobe Reader
Adobe Acrobat
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6274
 
Oval ID: oval:org.mitre.oval:def:6274
Title: Adobe Reader and Acrobat cause denial of service via unknown vectors
Description: Unspecified vulnerability in an ActiveX control in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 on Windows allows remote attackers to cause a denial of service via unknown vectors.
Family: windows Class: vulnerability
Reference(s): CVE-2009-2987
Version: 16
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows 7
Product(s): Adobe Reader
Adobe Acrobat
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6280
 
Oval ID: oval:org.mitre.oval:def:6280
Title: Adobe Reader and Acrobat denial of service via a crafted document
Description: Adobe Reader and Acrobat 9.x before 9.2, 8.x before 8.1.7, and possibly 7.x through 7.1.4 do not properly perform XMP-XML entity expansion, which allows remote attackers to cause a denial of service via a crafted document.
Family: windows Class: vulnerability
Reference(s): CVE-2009-2979
Version: 16
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows 7
Product(s): Adobe Reader
Adobe Acrobat
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6284
 
Oval ID: oval:org.mitre.oval:def:6284
Title: Adobe Reader and Acrobat bypass intended Trust Manager restrictions via unspecified vectors
Description: Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 do not properly validate input, which might allow attackers to bypass intended Trust Manager restrictions via unspecified vectors.
Family: windows Class: vulnerability
Reference(s): CVE-2009-2981
Version: 16
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows 7
Product(s): Adobe Reader
Adobe Acrobat
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6297
 
Oval ID: oval:org.mitre.oval:def:6297
Title: Adobe Reader and Acrobat cause execution of arbitrary code vulnerability
Description: Integer overflow in Adobe Acrobat 9.x before 9.2, 8.x before 8.1.7, and possibly 7.x through 7.1.4 might allow attackers to execute arbitrary code via unspecified vectors.
Family: windows Class: vulnerability
Reference(s): CVE-2009-2989
Version: 16
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows 7
Product(s): Adobe Reader
Adobe Acrobat
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6348
 
Oval ID: oval:org.mitre.oval:def:6348
Title: Adobe Reader and Acrobat DoS via long sequence of # (hash) characters
Description: Adobe Acrobat Reader Plugin before 8.0.0, and possibly the plugin distributed with Adobe Reader 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2, when used with Internet Explorer, Google Chrome, or Opera, allows remote attackers to cause a denial of service (memory consumption) via a long sequence of # (hash) characters appended to a PDF URL, related to a "cross-site scripting issue."
Family: windows Class: vulnerability
Reference(s): CVE-2007-0048
Version: 16
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows 7
Product(s): Adobe Reader
Adobe Acrobat
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6365
 
Oval ID: oval:org.mitre.oval:def:6365
Title: Adobe Reader and Acrobat social engineering attack via unknown vectors
Description: An unspecified certificate in Adobe Reader and Acrobat 9.x before 9.2, 8.x before 8.1.7, and possibly 7.x through 7.1.4 might allow remote attackers to conduct a "social engineering attack" via unknown vectors.
Family: windows Class: vulnerability
Reference(s): CVE-2009-2982
Version: 16
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows 7
Product(s): Adobe Reader
Adobe Acrobat
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6371
 
Oval ID: oval:org.mitre.oval:def:6371
Title: Adobe Reader and Acrobat allow attackers to execute arbitrary code via unspecified vectors
Description: Array index error in Adobe Reader and Acrobat 9.x before 9.2, 8.x before 8.1.7, and possibly 7.x through 7.1.4 might allow attackers to execute arbitrary code via unspecified vectors.
Family: windows Class: vulnerability
Reference(s): CVE-2009-2990
Version: 16
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows 7
Product(s): Adobe Reader
Adobe Acrobat
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6418
 
Oval ID: oval:org.mitre.oval:def:6418
Title: Adobe Reader and Acrobat allow arbitrary code execution and DoS
Description: Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 do not properly validate input, which might allow attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2009-3458.
Family: windows Class: vulnerability
Reference(s): CVE-2009-2998
Version: 16
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows 7
Product(s): Adobe Reader
Adobe Acrobat
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6429
 
Oval ID: oval:org.mitre.oval:def:6429
Title: DEPRECATED: Adobe Reader and Acrobat 'format bug' remote arbitrary code execution
Description: Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 on Unix, when Debug mode is enabled, allow attackers to execute arbitrary code via unspecified vectors, related to a "format bug."
Family: windows Class: vulnerability
Reference(s): CVE-2009-3462
Version: 17
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows 7
Product(s): Adobe Reader
Adobe Acrobat
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6466
 
Oval ID: oval:org.mitre.oval:def:6466
Title: Adobe Reader and Acrobat allows attackers to bypass intended file-extension
Description: Unspecified vulnerability in Adobe Acrobat 9.x before 9.2 allows attackers to bypass intended file-extension restrictions via unknown vectors.
Family: windows Class: vulnerability
Reference(s): CVE-2009-3461
Version: 16
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows 7
Product(s): Adobe Reader
Adobe Acrobat
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6481
 
Oval ID: oval:org.mitre.oval:def:6481
Title: Adobe Reader and Acrobat cause arbitrary code execution via unspecified vectors
Description: Heap-based buffer overflow in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 might allow attackers to execute arbitrary code via unspecified vectors.
Family: windows Class: vulnerability
Reference(s): CVE-2009-2997
Version: 16
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows 7
Product(s): Adobe Reader
Adobe Acrobat
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6483
 
Oval ID: oval:org.mitre.oval:def:6483
Title: Adobe Reader and Acrobat cause Denial of Service Vulnerability
Description: Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 do not properly validate input, which allows attackers to cause a denial of service via unspecified vectors.
Family: windows Class: vulnerability
Reference(s): CVE-2009-2988
Version: 16
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows 7
Product(s): Adobe Reader
Adobe Acrobat
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6487
 
Oval ID: oval:org.mitre.oval:def:6487
Title: Adobe Reader and Acrobat Multiple Vulnerabilities
Description: Multiple cross-site scripting (XSS) vulnerabilities in Adobe Acrobat Reader Plugin before 8.0.0, and possibly the plugin distributed with Adobe Reader 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2, for Mozilla Firefox, Microsoft Internet Explorer 6 SP1, Google Chrome, Opera 8.5.4 build 770, and Opera 9.10.8679 on Windows allow remote attackers to inject arbitrary JavaScript and conduct other attacks via a .pdf URL with a javascript: or res: URI with (1) FDF, (2) XML, and (3) XFDF AJAX parameters, or (4) an arbitrarily named name=URI anchor identifier, aka "Universal XSS (UXSS)."
Family: windows Class: vulnerability
Reference(s): CVE-2007-0045
Version: 16
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows 7
Product(s): Adobe Reader
Adobe Acrobat
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6499
 
Oval ID: oval:org.mitre.oval:def:6499
Title: Adobe Reader and Acrobat allow arbitrary code execution
Description: Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 do not properly validate input, which might allow attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2009-2998.
Family: windows Class: vulnerability
Reference(s): CVE-2009-3458
Version: 16
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows 7
Product(s): Adobe Reader
Adobe Acrobat
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6532
 
Oval ID: oval:org.mitre.oval:def:6532
Title: Adobe Reader and Acrobat denial of service (application crash) via a PDF
Description: Stack consumption vulnerability in Adobe Reader and Acrobat 9.1.3, 9.1.2, 9.1.1, and earlier 9.x versions; 8.1.6 and earlier 8.x versions; and possibly 7.1.4 and earlier 7.x versions allows remote attackers to cause a denial of service (application crash) via a PDF file with a large number of [ (open square bracket) characters in the argument to the alert method. NOTE: some of these details are obtained from third party information.
Family: windows Class: vulnerability
Reference(s): CVE-2009-3431
Version: 16
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows 7
Product(s): Adobe Reader
Adobe Acrobat
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6534
 
Oval ID: oval:org.mitre.oval:def:6534
Title: Adobe Reader and Acrobat allow to execute arbitrary code via a crafted PDF file
Description: Heap-based buffer overflow in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 allows remote attackers to execute arbitrary code via a crafted PDF file that triggers memory corruption, as exploited in the wild in October 2009. NOTE: some of these details are obtained from third party information.
Family: windows Class: vulnerability
Reference(s): CVE-2009-3459
Version: 16
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows 7
Product(s): Adobe Reader
Adobe Acrobat
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6550
 
Oval ID: oval:org.mitre.oval:def:6550
Title: Adobe Reader and Acrobat allow memory corruption
Description: Adobe Acrobat 9.x before 9.2, 8.x before 8.1.7, and possibly 7.x through 7.1.4 allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors.
Family: windows Class: vulnerability
Reference(s): CVE-2009-3460
Version: 16
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows 7
Product(s): Adobe Reader
Adobe Acrobat
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6554
 
Oval ID: oval:org.mitre.oval:def:6554
Title: Adobe Reader and Acrobat allows attackers to cause a DoS via unspecified vectors.
Description: Integer overflow in Adobe Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 allows attackers to cause a denial of service via unspecified vectors.
Family: windows Class: vulnerability
Reference(s): CVE-2009-2995
Version: 16
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows 7
Product(s): Adobe Reader
Adobe Acrobat
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:9693
 
Oval ID: oval:org.mitre.oval:def:9693
Title: Multiple cross-site scripting (XSS) vulnerabilities in Adobe Acrobat Reader Plugin before 8.0.0, and possibly the plugin distributed with Adobe Reader 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2, for Mozilla Firefox, Microsoft Internet Explorer 6 SP1, Google Chrome, Opera 8.5.4 build 770, and Opera 9.10.8679 on Windows allow remote attackers to inject arbitrary JavaScript and conduct other attacks via a .pdf URL with a javascript: or res: URI with (1) FDF, (2) XML, and (3) XFDF AJAX parameters, or (4) an arbitrarily named name=URI anchor identifier, aka "Universal XSS (UXSS)."
Description: Multiple cross-site scripting (XSS) vulnerabilities in Adobe Acrobat Reader Plugin before 8.0.0, and possibly the plugin distributed with Adobe Reader 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2, for Mozilla Firefox, Microsoft Internet Explorer 6 SP1, Google Chrome, Opera 8.5.4 build 770, and Opera 9.10.8679 on Windows allow remote attackers to inject arbitrary JavaScript and conduct other attacks via a .pdf URL with a javascript: or res: URI with (1) FDF, (2) XML, and (3) XFDF AJAX parameters, or (4) an arbitrarily named name=URI anchor identifier, aka "Universal XSS (UXSS)."
Family: unix Class: vulnerability
Reference(s): CVE-2007-0045
Version: 3
Platform(s): Red Hat Enterprise Linux Extras 3
Red Hat Enterprise Linux Extras 4
Product(s):
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 127
Application 1
Application 81
Application 37
Application 1

SAINT Exploits

Description Link
Adobe Acrobat Reader U3D CLODMeshContinuation Code Execution More info here
Adobe Reader FlateDecode filter TIFF Predictor integer overflow More info here

ExploitDB Exploits

id Description
2009-10-27 Adobe Acrobat Reader 7-9 U3D BoF

OpenVAS Exploits

Date Description
2009-10-27 Name : Gentoo Security Advisory GLSA 200910-03 (acroread)
File : nvt/glsa_200910_03.nasl
2009-10-27 Name : SuSE Security Advisory SUSE-SA:2009:049 (acroread, acroread_ja)
File : nvt/suse_sa_2009_049.nasl
2009-10-22 Name : Adobe Acrobat Unspecified vulnerability
File : nvt/gb_adobe_acrobat_unspecified_vuln.nasl
2009-10-22 Name : Adobe Reader Multiple Vulnerabilities - Oct09 (Linux)
File : nvt/gb_adobe_prdts_mult_vuln_oct09_lin.nasl
2009-10-22 Name : Adobe Reader/Acrobat Multiple Vulnerabilities - Oct09 (Win)
File : nvt/gb_adobe_prdts_mult_vuln_oct09_win.nasl
2009-10-19 Name : RedHat Security Advisory RHSA-2009:1499
File : nvt/RHSA_2009_1499.nasl
2009-10-10 Name : SLES9: Security update for acroread
File : nvt/sles9p5018489.nasl
2009-10-06 Name : Adobe Acrobat PDF File Denial Of Service Vulnerability
File : nvt/gb_adobe_acrobat_pdf_dos_vuln.nasl
2009-01-28 Name : SuSE Update for acroread SUSE-SA:2007:011
File : nvt/gb_suse_2007_011.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200701-16 (acroread)
File : nvt/glsa_200701_16.nasl
2008-01-17 Name : Debian Security Advisory DSA 1336-1 (mozilla-firefox)
File : nvt/deb_1336_1.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
58929 Adobe Reader / Acrobat Unspecified ActiveX Input Handling DoS

58928 Adobe Reader / Acrobat Unspecified Trust Manager Restriction Bypass

58927 Adobe Reader / Acrobat Multiple Unspecified Heap Overflows

58926 Adobe Reader / Acrobat U3D Processing Heap Corruption

58925 Adobe Reader Plug-in for Mozilla Unloading Use-after-free Arbitrary Code Exec...

58924 Adobe Reader / Acrobat on Unix Debug Mode Arbitrary Code Execution

58923 Adobe Reader / Acrobat Unspecified Memory Corruption (2009-2996)

58922 Adobe Reader / Acrobat PDF Compact Font Format Malformed Index Handling Memor...

58921 Adobe Reader / Acrobat XMP-XML Entity Expansion Unspecified DoS

58920 Adobe Reader / Acrobat PDF U3D File Handling Invalid Array Index Arbitrary Co...

58919 Adobe Reader / Acrobat Unspecified File Extension Security Controls Bypass

58918 Adobe Acrobat Image Decoder Unspecified Input Validation Issue

58917 Adobe Reader / Acrobat Unspecified Integer Overflow (2009-2995)

58916 Adobe Reader / Acrobat Unspecified Integer Overflow (2009-2980)

58915 Adobe Acrobat Unspecified Integer Overflow (2009-2989)

58914 Adobe Acrobat Unspecified Memory Corruption (2009-3460)

58913 Adobe Reader / Acrobat COM Object Loading / Unloading Memory Corruption

58912 Adobe Reader / Acrobat U3D CLODProgressiveMeshDeclaration Array Overflow

Acrobat and Reader are prone to an overflow condition. The programs fail to properly sanitize user-supplied input resulting in an array overflow. With a specially crafted PDF file containing malformed U3D data, a context-dependent attacker can potentially cause arbitrary code execution.
58911 Adobe Reader / Acrobat Unspecified Input Validation DoS (2009-2988)

58910 Adobe Reader / Acrobat Unspecified Arbitrary Code Execution (2009-3458)

58909 Adobe Reader / Acrobat Unspecified Certificate Spoofing Weakness

58908 Adobe Reader / Acrobat Multiple Unspecified Validation Weakness Arbitrary Cod...

58907 Adobe Reader / Acrobat on Windows ActiveX Unspecified DoS

58906 Adobe Reader / Acrobat Unspecified Arbitrary Code Execution (2009-2998)

58729 Adobe Reader / Acrobat ParamX Parameter PDF File Handling Overflow

A buffer overflow exists in Acrobat & Reader. The applications fail to validate PDF files resulting in an unspecified heap overflow overflow. With a specially crafted file, a context-dependent attacker can cause arbitrary code execution resulting in a loss of integrity.
58415 Adobe Acrobat Alert Method Square Bracket Character DoS

Adobe Acrobat contains a flaw that may allow a remote denial of service. The issue is triggered when Acrobat opens a PDF file with a large number of "[" (square bracket) characters to the alert method, and will result in loss of availability for the service.
56120 Adobe getPlus DLM \NOS\bin\getPlus_HelperSvc.exe Permission Weakness Local Pr...

31596 Adobe Acrobat Reader Plugin PDF URL Memory Corruption DoS

Acrobat contains a flaw that may allow a remote denial of service. The issue is triggered when the plugin is used with Internet Explorer and processes a malformed URL, and will result in loss of availability for the browser.
31046 Adobe Acrobat Reader Browser Plug-in PDF XSS

Acrobat Reader contains a flaw that allows a remote cross site scripting attack. This flaw exists because the browser plug-in does not validate user supplied input to the hosted PDF file before returning the input to the user. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's Acrobat Reader browser within the trust relationship between the browser and the server, leading to a loss of integrity.

Snort® IPS/IDS

Date Description
2014-01-10 Adobe Acrobat Plugin Universal cross-site scripting attempt
RuleID : 9842 - Revision : 11 - Type : FILE-PDF
2016-04-05 Adobe Acrobat and Reader U3D Buffer Overflow buffer overflow attempt
RuleID : 37911 - Revision : 1 - Type : FILE-PDF
2016-04-05 Adobe Acrobat and Reader U3D Buffer Overflow buffer overflow attempt
RuleID : 37910 - Revision : 1 - Type : FILE-PDF
2014-01-10 Adobe Acrobat Reader compact font format memory corruption attempt
RuleID : 28717 - Revision : 7 - Type : FILE-PDF
2014-01-10 Adobe Acrobat Reader compact font format memory corruption attempt
RuleID : 28716 - Revision : 7 - Type : FILE-PDF
2014-01-10 Adobe Acrobat Reader FlateDecode integer overflow attempt
RuleID : 25588 - Revision : 5 - Type : FILE-PDF
2014-01-10 Adobe Acrobat Reader malformed FlateDecode colors declaration
RuleID : 16677 - Revision : 14 - Type : FILE-PDF
2014-01-10 Adobe Acrobat Reader malformed FlateDecode colors declaration
RuleID : 16676 - Revision : 14 - Type : FILE-PDF
2014-01-10 AcroPDF.PDF ActiveX function call unicode access
RuleID : 16389 - Revision : 4 - Type : WEB-ACTIVEX
2014-01-10 AcroPDF.PDF ActiveX function call access
RuleID : 16388 - Revision : 7 - Type : BROWSER-PLUGINS
2014-01-10 AcroPDF.PDF ActiveX clsid unicode access
RuleID : 16387 - Revision : 4 - Type : WEB-ACTIVEX
2014-01-10 AcroPDF.PDF ActiveX clsid access
RuleID : 16386 - Revision : 7 - Type : BROWSER-PLUGINS
2014-01-10 Adobe Acrobat Reader U3D CLODMeshContinuation code execution attempt
RuleID : 16373 - Revision : 13 - Type : FILE-PDF
2014-01-10 Adobe JPEG2k uninitialized QCC memory corruption attempt
RuleID : 16325 - Revision : 13 - Type : FILE-PDF
2014-01-10 Adobe Acrobat Reader doc.export arbitrary file write attempt
RuleID : 16324 - Revision : 12 - Type : FILE-PDF
2014-01-10 Adobe Acrobat Reader JPEG2k uninitialized QCC memory corruption attempt
RuleID : 16323 - Revision : 13 - Type : FILE-PDF
2014-01-10 Adobe Acrobat Reader oversized object width attempt
RuleID : 16322 - Revision : 13 - Type : FILE-PDF
2014-01-10 Adobe tiff oversized image length attempt
RuleID : 16321 - Revision : 10 - Type : FILE-IMAGE
2014-01-10 Adobe PNG empty sPLT exploit attempt
RuleID : 16320 - Revision : 6 - Type : FILE-IMAGE
2014-01-10 Malformed BMP dimensions arbitrary code execution attempt
RuleID : 16222 - Revision : 11 - Type : FILE-IMAGE
2014-01-10 Adobe Acrobat Reader collab.addStateModel remote corruption attempt
RuleID : 16176 - Revision : 13 - Type : FILE-PDF
2014-01-10 Adobe Acrobat Reader collab.removeStateModel denial of service attempt
RuleID : 16175 - Revision : 14 - Type : FILE-PDF
2014-01-10 Adobe Acrobat Reader U3D progressive mesh continuation off by one index attempt
RuleID : 16174 - Revision : 10 - Type : FILE-PDF
2014-01-10 Adobe Acrobat Reader U3D progressive mesh continuation pointer overwrite attempt
RuleID : 16173 - Revision : 10 - Type : FILE-PDF
2014-01-10 Adobe Acrobat Reader U3D line set heap corruption attempt
RuleID : 16172 - Revision : 10 - Type : FILE-PDF
2015-05-28 U3D CLOD Progressive Mesh Continuation incorrect index remote code execution ...
RuleID : 16171 - Revision : 6 - Type : WEB-CLIENT
2015-05-28 U3D CLOD Progressive Mesh Continuation oversized index remote code execution ...
RuleID : 16170 - Revision : 6 - Type : WEB-CLIENT
2015-05-28 Adobe Acrobat Reader javascript heap corruption attempt
RuleID : 16146 - Revision : 5 - Type : EXPLOIT
2014-01-10 Adobe Acrobat Reader FlateDecode integer overflow attempt
RuleID : 15709 - Revision : 19 - Type : FILE-PDF

Nessus® Vulnerability Scanner

Date Description
2013-01-24 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2007-0017.nasl - Type : ACT_GATHER_INFO
2013-01-24 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2007-0021.nasl - Type : ACT_GATHER_INFO
2011-01-27 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_acroread_ja-6585.nasl - Type : ACT_GATHER_INFO
2011-01-27 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_acroread_ja-6584.nasl - Type : ACT_GATHER_INFO
2011-01-27 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_acroread-6583.nasl - Type : ACT_GATHER_INFO
2011-01-27 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_acroread-6582.nasl - Type : ACT_GATHER_INFO
2009-10-30 Name : The remote openSUSE host is missing a security update.
File : suse_acroread-6588.nasl - Type : ACT_GATHER_INFO
2009-10-26 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-200910-03.nasl - Type : ACT_GATHER_INFO
2009-10-26 Name : The remote SuSE 11 host is missing a security update.
File : suse_11_acroread_ja-091022.nasl - Type : ACT_GATHER_INFO
2009-10-26 Name : The remote SuSE 11 host is missing a security update.
File : suse_11_acroread-091022.nasl - Type : ACT_GATHER_INFO
2009-10-26 Name : The remote openSUSE host is missing a security update.
File : suse_11_1_acroread-091022.nasl - Type : ACT_GATHER_INFO
2009-10-26 Name : The remote openSUSE host is missing a security update.
File : suse_11_0_acroread-091022.nasl - Type : ACT_GATHER_INFO
2009-10-15 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2009-1499.nasl - Type : ACT_GATHER_INFO
2009-10-14 Name : The version of Adobe Acrobat on the remote Windows host is affected by multip...
File : adobe_acrobat_apsb09-15.nasl - Type : ACT_GATHER_INFO
2009-10-14 Name : The PDF file viewer on the remote Windows host is affected by a memory corrup...
File : adobe_reader_apsb09-15.nasl - Type : ACT_GATHER_INFO
2009-09-24 Name : The remote SuSE 9 host is missing a security-related patch.
File : suse9_11433.nasl - Type : ACT_GATHER_INFO
2009-08-28 Name : The version of Adobe Acrobat on the remote Windows host is affected by multip...
File : adobe_acrobat_709.nasl - Type : ACT_GATHER_INFO
2009-01-31 Name : The remote host contains a web browser that is affected by multiple vulnerabi...
File : google_chrome_1_0_154_46.nasl - Type : ACT_GATHER_INFO
2007-12-13 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_acroread-2508.nasl - Type : ACT_GATHER_INFO
2007-12-13 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_acroread_ja-2545.nasl - Type : ACT_GATHER_INFO
2007-10-17 Name : The remote openSUSE host is missing a security update.
File : suse_acroread-2506.nasl - Type : ACT_GATHER_INFO
2007-07-27 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1336.nasl - Type : ACT_GATHER_INFO
2007-03-12 Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2007-066-05.nasl - Type : ACT_GATHER_INFO
2007-02-18 Name : The remote host is missing a vendor-supplied security patch
File : suse_SA_2007_011.nasl - Type : ACT_GATHER_INFO
2007-01-26 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-200701-16.nasl - Type : ACT_GATHER_INFO
2007-01-10 Name : The PDF file viewer on the remote Windows host is affected by several vulnera...
File : adobe_reader_709.nasl - Type : ACT_GATHER_INFO
2007-01-05 Name : The browser plugin on the remote Windows host is affected by multiple issues.
File : adobe_pdf_plugin_80.nasl - Type : ACT_GATHER_INFO
2006-11-06 Name : The remote host is missing Sun Security Patch number 121104-11
File : solaris10_121104.nasl - Type : ACT_GATHER_INFO