CERT-In Advisory CIAD-2009-28
Multiple vulnerabilities in Adobe Acrobat and Reader
Original issue date: June 12, 2009
Severity Rating: High
Systems Affected
- Adobe Reader versions prior to 9.1.2
- Adobe Reader versions prior to 8.1.6
- Adobe Reader versions prior to 7.1.3
- Adobe Acrobat Standard versions prior to 9.1.2
- Adobe Acrobat Standard versions prior to 8.1.6
- Adobe Acrobat Standard versions prior to 7.1.3
- Adobe Acrobat Pro versions prior to 9.1.2
- Adobe Acrobat Pro Extended versions prior to 9.1.2
- Adobe Acrobat Pro versions prior to 8.1.6
Overview
Multiple vulnerabilities have been reported in Adobe Reader and Acrobat that could allow a remote attacker to execute arbitrary code, cause denial-of-service conditions and take complete control of a vulnerable system.
Description
1. Adobe Reader JBIG2 Text Region Segment Buffer Overflow Vulnerability (CVE-2009-0198)
This vulnerability is caused by a boundary checking error in the processing of Huffman-encoded JBIG2 text region segments in Adobe Reader. A remote attacker could exploit this vulnerability via a specially crafted PDF file to trigger a heap-based buffer overflow. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code.
2. Adobe Acrobat and Reader Multiple Buffer Overflow Vulnerabilities (CVE-2009-0509, CVE-2009-0510, CVE-2009-0511, CVE-2009-0512, CVE-2009-0888, CVE-2009-0889)
Multiple buffer overflow vulnerabilities have been reported in Adobe Acrobat and Reader due to a failure to validate integers read from the Text Region, Pattern Dictionary, Halftone Region and Halftone Region Grid Area of the JBIG2 segments embedded in the file. A remote attacker could exploit these vulnerabilities by enticing users to open a specially crafted PDF file to trigger a memory corruption error. Successful exploitation of these vulnerabilities could allow a remote attacker to execute arbitrary code on the target system with the privileges of the target user.
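The defect class in item 2 is a size or position integer taken from the file and used in allocation or indexing without validation. The following C code is an added illustration, not Adobe's code or the JBIG2 decoder's: it assumes a hypothetical region header (width, height, x, y as 32-bit big-endian integers plus one flags byte, modelled loosely on a JBIG2 region segment information field) and shows the unchecked size computation beside a hardened parser that rejects overflowing, oversized or out-of-page regions. The caps MAX_DIMENSION and MAX_BITMAP_BYTES are constructed values for the example.

```c
#include <stdint.h>
#include <stddef.h>

/* Hypothetical region header, loosely modelled on a JBIG2 region segment
 * information field: width, height, x, y as 32-bit big-endian integers,
 * then one flags byte. Layout assumed for illustration only. */
#define REGION_INFO_LEN 17

/* Caps chosen for this example; a real decoder derives its limits from the
 * page being rendered and the memory it is prepared to commit. */
#define MAX_DIMENSION    0x7FFFu
#define MAX_BITMAP_BYTES (64u * 1024u * 1024u)

struct region_info {
    uint32_t width, height, x, y;
    uint8_t flags;
};

static uint32_t read_be32(const uint8_t *p) {
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8) | (uint32_t)p[3];
}

/* The defect pattern: file-controlled integers drive the size computation
 * with no validation, so a large width * height wraps modulo 2^32 and
 * yields a buffer far smaller than the data later written into it. */
uint32_t unchecked_bitmap_bytes(uint32_t width, uint32_t height) {
    uint32_t bits = width * height;   /* silently wraps for large inputs */
    return (bits + 7) / 8;
}

/* Hardened form: bound each dimension, multiply in 64 bits so the product
 * cannot wrap, and cap the final size. Returns 1 and writes *out on
 * success, 0 when the region is rejected. */
int checked_bitmap_bytes(uint32_t width, uint32_t height, size_t *out) {
    if (width == 0 || height == 0) return 0;
    if (width > MAX_DIMENSION || height > MAX_DIMENSION) return 0;
    uint64_t bits  = (uint64_t)width * (uint64_t)height;
    uint64_t bytes = (bits + 7) / 8;
    if (bytes > MAX_BITMAP_BYTES) return 0;
    *out = (size_t)bytes;
    return 1;
}

/* Parse a region header, refusing truncated input and any region that does
 * not fit on a page of page_w x page_h pixels. Returns 1 on success, 0 on
 * any validation failure; nothing is allocated until every check passes. */
int parse_region_info(const uint8_t *buf, size_t len,
                      uint32_t page_w, uint32_t page_h,
                      struct region_info *ri, size_t *bitmap_bytes) {
    if (buf == NULL || ri == NULL || bitmap_bytes == NULL) return 0;
    if (len < REGION_INFO_LEN) return 0;          /* truncated header */
    ri->width  = read_be32(buf);
    ri->height = read_be32(buf + 4);
    ri->x      = read_be32(buf + 8);
    ri->y      = read_be32(buf + 12);
    ri->flags  = buf[16];
    if (!checked_bitmap_bytes(ri->width, ri->height, bitmap_bytes)) return 0;
    /* x + width and y + height must stay inside the page; 64-bit sums keep
     * the check itself from overflowing. */
    if ((uint64_t)ri->x + ri->width  > page_w) return 0;
    if ((uint64_t)ri->y + ri->height > page_h) return 0;
    return 1;
}
```

The point of the hardened version is that every integer read from the file is bounded before it influences a size, and the placement check is done in a wider type than the values themselves, so the validation cannot be bypassed by the same wraparound it is guarding against.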
3. Adobe Reader and Acrobat U3D RHAdobeMeta Stack Overflow Vulnerability (CVE-2009-1855)
A stack overflow vulnerability has been reported in Adobe Acrobat and Reader due to an insufficient bounds checking error when parsing malformed U3D model files contained in a PDF. A remote attacker could exploit this vulnerability by enticing users to open a specially crafted malicious file containing a malformed extension block of a model to trigger a stack overflow. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the target system with the privileges of the logged-in user.
4. Adobe Reader and Acrobat Integer Overflow Vulnerability (CVE-2009-1856)
An integer overflow vulnerability has been reported in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code or cause a denial of service condition.
5. Adobe Reader and Acrobat Unspecified Memory Corruption Vulnerability (CVE-2009-1857)
This vulnerability is caused by an unspecified error in Adobe Acrobat and Reader. A remote attacker could exploit this vulnerability via a specially crafted file to trigger a memory corruption error. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code within the context of the affected application or cause a denial of service condition.
6. Adobe Reader and Acrobat JBIG2 Filter Unspecified Memory Corruption Vulnerability (CVE-2009-1858)
This vulnerability is caused by an unspecified error in the JBIG2 filter of Adobe Acrobat and Reader. A remote attacker could exploit this vulnerability by enticing users to open a specially crafted malicious file to trigger a memory corruption error. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code or cause denial of service conditions.
7. Adobe Reader and Acrobat Unspecified Memory Corruption Vulnerability (CVE-2009-1859)
This vulnerability is caused by an unspecified boundary checking error in Adobe Acrobat and Reader. A remote attacker could exploit this vulnerability via a specially crafted malicious file to trigger a memory corruption error. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code within the context of the affected application or cause denial of service conditions.
8. Adobe Reader and Acrobat Multiple Unspecified Remote Heap Buffer Overflow Vulnerabilities (CVE-2009-1861)
Multiple remote heap-based buffer overflow vulnerabilities have been reported in Adobe Acrobat and Reader due to a failure to sanitize user-supplied input. A remote attacker could exploit these vulnerabilities by enticing users to open a specially crafted malicious file to trigger a heap-based buffer overflow. Successful exploitation of these vulnerabilities could allow a remote attacker to execute arbitrary code or cause denial of service conditions.
Solution
Update to version 9.1.2, 8.1.6 or 7.1.3, as applicable to the installed branch:
http://www.adobe.com/support/security/bulletins/apsb09-07.html
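To turn the Systems Affected list and the Solution above into a check an administrator can run over inventory data, the following C program is an added example (not CERT-In's or Adobe's code): it parses a dotted version string and reports whether it falls below the fixed release of its major branch (7.1.3, 8.1.6 or 9.1.2, taken from this advisory). Branches the advisory does not cover, and strings that are not versions, are reported as unknown rather than silently treated as fixed.

```c
#include <stdio.h>

/* Fixed releases per major branch, from the advisory's Solution section. */
struct fixed_version { int major, minor, patch; };
static const struct fixed_version FIXED[] = {
    {7, 1, 3},
    {8, 1, 6},
    {9, 1, 2},
};

/* Parse "9.1.1" into components; a missing trailing component counts as 0
 * (so "9.1" is 9.1.0). Returns 1 on success, 0 if the string is not a
 * dotted numeric version of at most three components. */
int parse_version(const char *s, int *major, int *minor, int *patch) {
    int parts[3] = {0, 0, 0};
    int idx = 0, have_digit = 0;
    if (s == NULL || *s == '\0') return 0;
    for (const char *p = s; *p; ++p) {
        if (*p >= '0' && *p <= '9') {
            if (parts[idx] > 100000) return 0;   /* reject absurd components */
            parts[idx] = parts[idx] * 10 + (*p - '0');
            have_digit = 1;
        } else if (*p == '.' && have_digit && idx < 2) {
            ++idx;
            have_digit = 0;
        } else {
            return 0;                            /* stray character or ".." */
        }
    }
    if (!have_digit) return 0;                   /* trailing "." */
    *major = parts[0]; *minor = parts[1]; *patch = parts[2];
    return 1;
}

/* Returns 1 if the installed version is below the fixed release of its
 * branch, 0 if it is at or above it, and -1 if the string cannot be parsed
 * or the major version is not one this advisory covers. */
int is_affected(const char *version) {
    int major, minor, patch;
    if (!parse_version(version, &major, &minor, &patch)) return -1;
    for (size_t i = 0; i < sizeof FIXED / sizeof FIXED[0]; ++i) {
        const struct fixed_version *f = &FIXED[i];
        if (f->major != major) continue;
        if (minor != f->minor) return minor < f->minor;
        return patch < f->patch;
    }
    return -1;
}

int main(void) {
    /* Constructed sample inventory values, not real hosts. */
    const char *samples[] = {"9.1.1", "9.1.2", "8.1.6", "8.1.5", "7.1.3", "7.0", "10.0", "n/a"};
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; ++i) {
        int r = is_affected(samples[i]);
        printf("%-6s %s\n", samples[i],
               r == 1 ? "affected - update required"
             : r == 0 ? "at or above fixed release"
             :          "unknown branch or unparseable");
    }
    return 0;
}
```

Returning a distinct "unknown" result matters in practice: an inventory field that is blank or malformed should surface for manual review, not disappear into the "fixed" bucket.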
Vendor Information
Adobe
http://www.adobe.com/support/security/bulletins/apsb09-07.html
References
ISS XFORCE
http://www.iss.net/threats/327.html
Secunia
http://secunia.com/advisories/34580/1/
SecurityTracker
http://www.securitytracker.com/alerts/2009/Jun/1022361.html
US-CERT
http://www.kb.cert.org/vuls/id/568153
ZDI
http://www.zerodayinitiative.com/advisories/ZDI-09-042/
SecurityFocus
http://www.securityfocus.com/bid/35274
VUPEN Security
http://www.vupen.com/english/advisories/2009/1547
CVE Name
CVE-2009-0198
CVE-2009-0509
CVE-2009-0510
CVE-2009-0511
CVE-2009-0512
CVE-2009-0888
CVE-2009-0889
CVE-2009-1855
CVE-2009-1856
CVE-2009-1857
CVE-2009-1858
CVE-2009-1859
CVE-2009-1861
CWE
CWE-119
Disclaimer
The information provided herein is on "as is" basis, without warranty of any kind.
Contact Information

Phone: +91-11-24368572
Postal address
Indian Computer Emergency Response Team (CERT-In)
Ministry of Communications and Information Technology
Electronics Niketan
6, C.G.O. Complex
New Delhi-110 003