Test Kennung:	1.3.6.1.4.1.25623.1.0.900320
Kategorie:	Buffer overflow
Titel:	Adobe Acrobat / Reader Buffer Overflow Vulnerability (APSA09-01) - Windows
Zusammenfassung:	Adobe Acrobat / Adobe Reader is prone to a buffer overflow vulnerability.
Beschreibung:	Summary: Adobe Acrobat / Adobe Reader is prone to a buffer overflow vulnerability. Vulnerability Insight: This issue is due to error in array indexing while processing JBIG2 streams and unspecified vulnerability related to a JavaScript method. Vulnerability Impact: This can be exploited to corrupt arbitrary memory via a specially crafted PDF file, related to a non-JavaScript function call and to execute arbitrary code in context of the affected application. Affected Software/OS: Adobe Reader/Acrobat version 9.x < 9.1, 8.x < 8.1.4, 7.x < 7.1.1 on Windows. Solution: Upgrade to Reader/Acrobat version 9.1 or 7.1.1 or 8.1.4 or later. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2009-0658 BugTraq ID: 33751 http://www.securityfocus.com/bid/33751 Cert/CC Advisory: TA09-051A http://www.us-cert.gov/cas/techalerts/TA09-051A.html CERT/CC vulnerability note: VU#905281 http://www.kb.cert.org/vuls/id/905281 https://www.exploit-db.com/exploits/8090 https://www.exploit-db.com/exploits/8099 http://www.vupen.com/english/advisories/2009/0472 http://security.gentoo.org/glsa/glsa-200904-17.xml http://isc.sans.org/diary.html?n&storyid=5902 http://www.shadowserver.org/wiki/pmwiki.php?n=Calendar.20090219 http://www.symantec.com/security_response/writeup.jsp?docid=2009-021212-5523-99&tabid=2 http://osvdb.org/52073 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5697 http://www.redhat.com/support/errata/RHSA-2009-0376.html http://www.securitytracker.com/id?1021739 http://secunia.com/advisories/33901 http://secunia.com/advisories/34392 http://secunia.com/advisories/34490 http://secunia.com/advisories/34706 http://secunia.com/advisories/34790 http://sunsolve.sun.com/search/document.do?assetkey=1-66-256788-1 SuSE Security Announcement: SUSE-SA:2009:014 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00005.html SuSE Security Announcement: SUSE-SR:2009:009 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html http://www.vupen.com/english/advisories/2009/1019 XForce ISS Database: adobe-acrobat-reader-image-bo(48825) https://exchange.xforce.ibmcloud.com/vulnerabilities/48825 Common Vulnerability Exposure (CVE) ID: CVE-2009-0927 BugTraq ID: 34169 http://www.securityfocus.com/bid/34169 Bugtraq: 20090324 ZDI-09-014: Adobe Acrobat getIcon() Stack Overflow Vulnerability (Google Search) http://www.securityfocus.com/archive/1/502116/100/0/threaded http://www.exploit-db.com/exploits/9579 http://www.zerodayinitiative.com/advisories/ZDI-09-014 http://www.securitytracker.com/id?1021861 http://www.vupen.com/english/advisories/2009/0770 XForce ISS Database: adobe-unspecified-javascript-code-execution(49312) https://exchange.xforce.ibmcloud.com/vulnerabilities/49312 Common Vulnerability Exposure (CVE) ID: CVE-2009-0193 BugTraq ID: 34229 http://www.securityfocus.com/bid/34229 Bugtraq: 20090325 Secunia Research: Adobe Reader JBIG2 Symbol Dictionary Buffer Overflow (Google Search) http://www.securityfocus.com/archive/1/502155/100/0/threaded http://secunia.com/secunia_research/2009-14/ http://www.securitytracker.com/id?1021892 Common Vulnerability Exposure (CVE) ID: CVE-2009-0928 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=776 Common Vulnerability Exposure (CVE) ID: CVE-2009-1061 Common Vulnerability Exposure (CVE) ID: CVE-2009-1062 http://www.ivizsecurity.com/security-advisory-iviz-sr-09001.html
Copyright	Copyright (C) 2009 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.