Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2009-1493
HistoryApr 30, 2009 - 8:30 p.m.

CVE-2009-1493

2009-04-3020:30:00
CWE-399
[email protected]
web.nvd.nist.gov
46
adobe
reader
9.1
customdictionaryopen
spell method
remote code execution
memory corruption
cve-2009-1493
nvd

7.3 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.97 High

EPSS

Percentile

99.8%

JSON

The customDictionaryOpen spell method in the JavaScript API in Adobe Reader 9.1, 8.1.4, 7.1.1, and earlier on Linux and UNIX allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a PDF file that triggers a call to this method with a long string in the second argument.

References

Related

saint 4
checkpoint_advisories 2
prion 1
ubuntucve 1
redhat 1
nessus 9
openvas 11
threatpost 1
kaspersky 1
securityvulns 2
cert 1
suse 1
gentoo 1
saint
saint
Adobe Reader Javascript API spell.customDictonaryOpen memory corruption
2009-05-12 00:00:00
Adobe Reader Javascript API spell.customDictonaryOpen memory corruption
2009-05-12 00:00:00
Adobe Reader Javascript API spell.customDictonaryOpen memory corruption
2009-05-12 00:00:00
checkpoint_advisories
checkpoint_advisories
Adobe Reader JavaScript spell.customDictionaryOpen Method Memory Corruption - Ver2 (CVE-2009-1493)
2014-03-03 00:00:00
Adobe Acrobat Reader customDictionaryOpen Memory Corruption - Ver2 (CVE-2009-1493)
2014-03-03 00:00:00
prion
prion
Memory corruption
2009-04-30 20:30:00
ubuntucve
ubuntucve
CVE-2009-1493
2009-04-30 00:00:00
redhat
redhat
(RHSA-2009:0478) Critical: acroread security update
2009-05-13 00:00:00
nessus
nessus
SuSE 11 Security Update : acroread_ja (SAT Patch Number 904)
2009-09-24 00:00:00
SuSE 10 Security Update : Acrobat Reader (ZYPP Patch Number 6260)
2011-01-27 00:00:00
openSUSE Security Update : acroread (acroread-893)
2009-07-21 00:00:00
openvas
openvas
Solaris Update for Adobe Acrobat Reader 121104-10
2009-10-13 00:00:00
Adobe Reader Denial of Service Vulnerability (May 2009)
2009-05-11 00:00:00
RedHat Security Advisory RHSA-2009:0478
2009-05-20 00:00:00
threatpost
threatpost
Adobe joins Patch Tuesday barrage
2009-05-13 14:36:11
kaspersky
kaspersky
KLA10033 Multiple ACE vulnerabilities in Adobe Acrobat & Reader
2009-06-09 00:00:00
securityvulns
securityvulns
Adobe reader multiple security vulnerabilities
2009-05-14 00:00:00
US-CERT Technical Cyber Security Alert TA09-133B -- Adobe Reader and Acrobat JavaScript Vulnerabilities
2009-05-14 00:00:00
cert
cert
Adobe Reader and Acrobat customDictionaryOpen() and getAnnots() JavaScript vulnerabilities
2009-04-29 00:00:00
suse
suse
remote code execution in acroread
2009-05-20 18:01:50
gentoo
gentoo
Adobe Reader: User-assisted execution of arbitrary code
2009-07-12 00:00:00

7.3 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.97 High

EPSS

Percentile

99.8%

JSON
Related for CVE-2009-1493
saint4checkpoint_advisories2prion1ubuntucve1redhat1nessus9openvas11threatpost1kaspersky1securityvulns2cert1suse1gentoo1