Adobe Reader FlateDecode filter TIFF Predictor integer overflow

2009-10-27T00:00:00
ID SAINT:19D92BD2ABAFAA8C8FDB89798EE599D5
Type saint
Reporter SAINT Corporation
Modified 2009-10-27T00:00:00

Description

Added: 10/27/2009
CVE: CVE-2009-3459
BID: 36600
OSVDB: 58729

Background

Adobe Reader is free software for viewing PDF documents.

Problem

An integer overflow in the FlateDecode filter in Adobe Reader allows command execution when a user opens a PDF file containing specially crafted compressed objects which use the TIFF predictor.

Resolution

Upgrade to Adobe Reader 9.2 or higher.

References

<http://www.adobe.com/support/security/bulletins/apsb09-15.html>
<http://www.us-cert.gov/cas/techalerts/TA09-286B.html>

Limitations

Exploit works on Adobe Reader 9.1 and requires a user to open the exploit file in Adobe Reader.

Due to the nature of the vulnerability, the success of the exploit depends on the state of the target.

Platforms

Windows