Heap-based buffer overflow in the JBIG2 filter in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Reader 9 and Acrobat 9 before 9.1.2 allows remote attackers to execute arbitrary code via a crafted file that triggers memory corruption.

This update of acroread fixes the following vulnerabilities :

  - stack overflow that could lead to code execution.
    (CVE-2009-1855)

  - integer overflow with potential to lead to arbitrary     code execution. (CVE-2009-1856)

  - memory corruption with potential to lead to arbitrary     code execution. (CVE-2009-1857)

  - memory corruption with potential to lead to arbitrary     code execution. (CVE-2009-1858)

  - memory corruption with potential to lead to arbitrary     code execution. (CVE-2009-1859)

  - memory corruption with potential to lead to arbitrary     code execution. (CVE-2009-0198)

  - heap overflow that could lead to code execution.
    (CVE-2009-0509 / CVE-2009-0510 / CVE-2009-0511 /     CVE-2009-0512)

  - heap overflow that could lead to code execution.
    (CVE-2009-1861)

This update of acroread fixes the following vulnerabilities :

  - CVE-2009-1855: stack overflow that could lead to code     execution

  - CVE-2009-1856: integer overflow with potential to lead     to arbitrary code execution

  - CVE-2009-1857: memory corruption with potential to lead     to arbitrary code execution

  - CVE-2009-1858: memory corruption with potential to lead     to arbitrary code execution

  - CVE-2009-1859: memory corruption with potential to lead     to arbitrary code execution

  - CVE-2009-0198: memory corruption with potential to lead     to arbitrary code execution

  - CVE-2009-0509, CVE-2009-0510 CVE-2009-0511,     CVE-2009-0512: heap overflow that could lead to code     execution

  - CVE-2009-1861: heap overflow that could lead to code     execution

This update of acroread fixes the following security vulnerabilities :

  - stack overflow that could lead to code execution.
    (CVE-2009-1855)

  - integer overflow with potential to lead to arbitrary     code execution. (CVE-2009-1856)

  - memory corruption with potential to lead to arbitrary     code execution. (CVE-2009-1857)

  - memory corruption with potential to lead to arbitrary     code execution. (CVE-2009-1858)

  - memory corruption with potential to lead to arbitrary     code execution. (CVE-2009-1859)

  - memory corruption with potential to lead to arbitrary     code execution. (CVE-2009-0198)

  - heap overflow that could lead to code execution.
    (CVE-2009-0509 / CVE-2009-0510 / CVE-2009-0511 /     CVE-2009-0512)

  - heap overflow that could lead to code execution.
    (CVE-2009-1861)

The version of Adobe Acrobat installed on the remote host is earlier than 9.1.2 / 8.1.6 / 7.1.3.  Such versions are reportedly affected by multiple vulnerabilities :

  - A stack-based buffer overflow can lead to code     execution. (CVE-2009-1855)

  - An integer buffer overflow can result in an application     crash and possibly code execution, although that has     not been shown yet. (CVE-2009-1856)

  - A memory corruption issue can result in an application     crash and possibly code execution, although that has     not been shown yet. (CVE-2009-1857)

  - A memory corruption issue in the JBIG2 filter can lead     to code execution. (CVE-2009-1858)

  - A memory corruption issue can lead to code execution.
    (CVE-2009-1859)

  - A memory corruption issue in the JBIG2 filter can     result in an application crash and possibly code     execution, although that has not been shown yet.
    (CVE-2009-0198)

  - Multiple heap buffer overflow vulnerabilities in the     JBIG2 filter can lead to code execution.
    (CVE-2009-0509, CVE-2009-0510, CVE-2009-0511,     CVE-2009-0512, CVE-2009-0888, CVE-2009-0889)

  - Multiple heap-based buffer overflow vulnerabilities can     lead to code execution. (CVE-2009-1861)

Updated acroread packages that fix multiple security issues are now available for Red Hat Enterprise Linux 3 Extras, Red Hat Enterprise Linux 4 Extras, and Red Hat Enterprise Linux 5 Supplementary.

This update has been rated as having critical security impact by the Red Hat Security Response Team.

Adobe Reader allows users to view and print documents in Portable Document Format (PDF).

Multiple security flaws were discovered in Adobe Reader. A specially crafted PDF file could cause Adobe Reader to crash or, potentially, execute arbitrary code as the user running Adobe Reader when opened.
(CVE-2009-0198, CVE-2009-0509, CVE-2009-0510, CVE-2009-0511, CVE-2009-0512, CVE-2009-0888, CVE-2009-0889, CVE-2009-1855, CVE-2009-1856, CVE-2009-1857, CVE-2009-1858, CVE-2009-1859, CVE-2009-1861, CVE-2009-2028)

All Adobe Reader users should install these updated packages. They contain Adobe Reader version 8.1.6, which is not vulnerable to these issues. All running instances of Adobe Reader must be restarted for the update to take effect.

The remote host is affected by the vulnerability described in GLSA-200907-06 (Adobe Reader: User-assisted execution of arbitrary code)

    Multiple vulnerabilities have been reported in Adobe Reader:
    Alin Rad Pop of Secunia Research reported a heap-based buffer     overflow in the JBIG2 filter (CVE-2009-0198).
    Mark Dowd of the IBM Internet Security Systems X-Force and     Nicolas Joly of VUPEN Security reported multiple heap-based buffer     overflows in the JBIG2 filter (CVE-2009-0509, CVE-2009-0510,     CVE-2009-0511, CVE-2009-0512, CVE-2009-0888, CVE-2009-0889)     Arr1val reported that multiple methods in the JavaScript API     might lead to memory corruption when called with crafted arguments     (CVE-2009-1492, CVE-2009-1493).
    An anonymous researcher reported a stack-based buffer overflow related     to U3D model files with a crafted extension block (CVE-2009-1855).
    Jun Mao and Ryan Smith of iDefense Labs reported an integer overflow     related to the FlateDecode filter, which triggers a heap-based buffer     overflow (CVE-2009-1856).
    Haifei Li of Fortinet's FortiGuard Global Security Research Team     reported a memory corruption vulnerability related to TrueType fonts     (CVE-2009-1857).
    The Apple Product Security Team reported a memory corruption     vulnerability in the JBIG2 filter (CVE-2009-1858).
    Matthew Watchinski of Sourcefire VRT reported an unspecified memory     corruption (CVE-2009-1859).
    Will Dormann of CERT reported multiple heap-based buffer overflows when     processing JPX (aka JPEG2000) stream that trigger heap memory     corruption (CVE-2009-1861).
    Multiple unspecified vulnerabilities have been discovered     (CVE-2009-2028).
  Impact :

    A remote attacker could entice a user to open a specially crafted     document, possibly resulting in the execution of arbitrary code with     the privileges of the user running the application.
  Workaround :

    There is no known workaround at this time.

The version of Adobe Reader installed on the remote host is earlier than 9.1.2 / 8.1.6 / 7.1.3.  Such versions are reportedly affected by multiple vulnerabilities :

  - A stack-based buffer overflow can lead to code execution.
    (CVE-2009-1855)

  - An integer buffer overflow can result in an application     crash and possibly code execution, although that has     not been shown yet. (CVE-2009-1856)

  - A memory corruption issue can result in an application     crash and possibly code execution, although that has     not been shown yet. (CVE-2009-1857)

  - A memory corruption issue in the JBIG2 filter can lead     to code execution. (CVE-2009-1858)

  - A memory corruption issue can lead to code execution.
    (CVE-2009-1859)

  - A memory corruption issue in the JBIG2 filter can     result in an application crash and possibly code     execution, although that has not been shown yet.
    (CVE-2009-0198)

  - Multiple heap-based buffer overflow vulnerabilities in     the JBIG2 filter can lead to code execution.
    (CVE-2009-0509, CVE-2009-0510, CVE-2009-0511,     CVE-2009-0512, CVE-2009-0888, CVE-2009-0889)

  - Multiple heap-based buffer overflow vulnerabilities can     lead to code execution. (CVE-2009-1861)

ID	Name	Product	Family	Severity
51707	SuSE 10 Security Update : acroread_ja (ZYPP Patch Number 6398)	Nessus	SuSE Local Security Checks	high
51692	SuSE 10 Security Update : Acrobat Reader (ZYPP Patch Number 6331)	Nessus	SuSE Local Security Checks	high
41990	openSUSE 10 Security Update : acroread (acroread-6332)	Nessus	SuSE Local Security Checks	high
41367	SuSE 11 Security Update : acroread_ja (SAT Patch Number 1170)	Nessus	SuSE Local Security Checks	high
41364	SuSE 11 Security Update : Acrobat Reader (SAT Patch Number 1059)	Nessus	SuSE Local Security Checks	high
40805	Adobe Acrobat < 9.1.2 / 8.1.6 / 7.1.3 Multiple Vulnerabilities	Nessus	Windows	high
40746	RHEL 3 / 4 / 5 : acroread (RHSA-2009:1109)	Nessus	Red Hat Local Security Checks	critical
40184	openSUSE Security Update : acroread (acroread-1060)	Nessus	SuSE Local Security Checks	high
39908	openSUSE Security Update : acroread (acroread-1060)	Nessus	SuSE Local Security Checks	high
39777	GLSA-200907-06 : Adobe Reader: User-assisted execution of arbitrary code	Nessus	Gentoo Local Security Checks	critical
39355	Adobe Reader < 9.1.2 / 8.1.6 / 7.1.3 Multiple Vulnerabilities	Nessus	Windows	high

Detections

Analytics

CVE-2009-0509

high

Tenable Plugins

high

high

high

high

high

high

critical

high

high

critical

high