CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
EPSS
Percentile
100.0%
Added: 03/27/2009
CVE: CVE-2009-0927
BID: 34169
Adobe Acrobat is software for creating PDF documents. Adobe Reader is free software for viewing PDF documents.
A buffer overflow vulnerability allows command execution when a user opens a PDF file which calls the JavaScript getIcon method with a long, specially crafted argument.
Upgrade to Adobe Acrobat 7.1.1, 8.1.4, or 9.1 or higher as described in APSB09-04.
<http://www.zerodayinitiative.com/advisories/ZDI-09-014/>
Exploit works on Adobe Acrobat 9.0 and requires a user to load the exploit file in Adobe Acrobat.
Windows XP