Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2009-2993
Description:The JavaScript for Acrobat API in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 does not properly implement the (1) Privileged Context and (2) Safe Path restrictions for unspecified JavaScript methods, which allows remote attackers to create arbitrary files, and possibly execute arbitrary code, via the cPath parameter in a crafted PDF file. NOTE: some of these details are obtained from third party information.
Test IDs: None available
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2009-2993
BugTraq ID: 36638
http://www.securityfocus.com/bid/36638
BugTraq ID: 36664
http://www.securityfocus.com/bid/36664
Cert/CC Advisory: TA09-286B
http://www.us-cert.gov/cas/techalerts/TA09-286B.html
CERT/CC vulnerability note: VU#257117
http://www.kb.cert.org/vuls/id/257117
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5822
http://securitytracker.com/id?1023007
http://www.vupen.com/english/advisories/2009/2898




© 1998-2021 E-Soft Inc. All rights reserved.