 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| CVE ID: | CVE-2009-2993 |
| Description: | The JavaScript for Acrobat API in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 does not properly implement the (1) Privileged Context and (2) Safe Path restrictions for unspecified JavaScript methods, which allows remote attackers to create arbitrary files, and possibly execute arbitrary code, via the cPath parameter in a crafted PDF file. NOTE: some of these details are obtained from third party information. |
| Test IDs: | None available |
| Cross References: |
Common Vulnerability Exposure (CVE) ID: CVE-2009-2993 BugTraq ID: 36638 http://www.securityfocus.com/bid/36638 BugTraq ID: 36664 http://www.securityfocus.com/bid/36664 Cert/CC Advisory: TA09-286B http://www.us-cert.gov/cas/techalerts/TA09-286B.html CERT/CC vulnerability note: VU#257117 http://www.kb.cert.org/vuls/id/257117 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5822 http://securitytracker.com/id?1023007 http://www.vupen.com/english/advisories/2009/2898 |