Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
saintSAINT CorporationSAINT:8CF82E3A6397E9B8435C50AC077BEDC8
HistoryOct 27, 2009 - 12:00 a.m.

Adobe Reader FlateDecode filter TIFF Predictor integer overflow

2009-10-2700:00:00
SAINT Corporation
my.saintcorporation.com
15

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.972 High

EPSS

Percentile

99.8%

JSON

Added: 10/27/2009
CVE: CVE-2009-3459
BID: 36600
OSVDB: 58729

Background

Adobe Reader is free software for viewing PDF documents.

Problem

An integer overflow in the FlateDecode filter in Adobe Reader allows command execution when a user opens a PDF file containing specially crafted compressed objects which use the TIFF predictor.

Resolution

Upgrade to Adobe Reader 9.2 or higher.

References

<http://www.adobe.com/support/security/bulletins/apsb09-15.html&gt;
<http://www.us-cert.gov/cas/techalerts/TA09-286B.html&gt;

Limitations

Exploit works on Adobe Reader 9.1 and requires a user to open the exploit file in Adobe Reader.

Due to the nature of the vulnerability, the success of the exploit depends on the state of the target.

Platforms

Windows

Related

checkpoint_advisories 1
packetstorm 2
securityvulns 2
ubuntucve 1
saint 3
cve 1
prion 1
seebug 2
openvas 8
nessus 13
redhat 1
gentoo 1
suse 1
checkpoint_advisories
checkpoint_advisories
Adobe Acrobat and Adobe Reader Deflate Parameter Integer Overflow (CVE-2009-3459)
2014-12-17 00:00:00
packetstorm
packetstorm
Adobe FlateDecode Stream Predictor 02 Integer Overflow
2009-12-31 00:00:00
Adobe FlateDecode Stream Predictor 02 Integer Overflow
2009-12-31 00:00:00
securityvulns
securityvulns
In-depth research on the recent PDF zero-day exploit &#40;CVE-2009-3459&#41;
2009-10-19 00:00:00
Adobe Acrobat / Reader multiple security vulnerabilities
2009-10-19 00:00:00
ubuntucve
ubuntucve
CVE-2009-3459
2009-10-13 00:00:00
saint
saint
Adobe Reader FlateDecode filter TIFF Predictor integer overflow
2009-10-27 00:00:00
Adobe Reader FlateDecode filter TIFF Predictor integer overflow
2009-10-27 00:00:00
Adobe Reader FlateDecode filter TIFF Predictor integer overflow
2009-10-27 00:00:00
cve
cve
CVE-2009-3459
2009-10-13 10:30:00
prion
prion
Heap overflow
2009-10-13 10:30:00
seebug
seebug
Adobe Acrobat ReaderθΏœη¨‹δ»£η ζ‰§θ‘ŒζΌζ΄ž
2009-10-09 00:00:00
Adobe Reader: Multiple vulnerabilities
2009-10-27 00:00:00
openvas
openvas
RedHat Security Advisory RHSA-2009:1499
2009-10-19 00:00:00
RedHat Security Advisory RHSA-2009:1499
2009-10-19 00:00:00
Gentoo Security Advisory GLSA 200910-03 (acroread)
2009-10-27 00:00:00
nessus
nessus
RHEL 3 / 4 / 5 : acroread (RHSA-2009:1499)
2009-10-15 00:00:00
GLSA-200910-03 : Adobe Reader: Multiple vulnerabilities
2009-10-26 00:00:00
openSUSE Security Update : acroread (acroread-1426)
2009-10-26 00:00:00
redhat
redhat
(RHSA-2009:1499) Critical: acroread security update
2009-10-14 00:00:00
gentoo
gentoo
Adobe Reader: Multiple vulnerabilities
2009-10-25 00:00:00
suse
suse
remote code execution in acroread, acroread_ja
2009-10-26 13:17:31

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.972 High

EPSS

Percentile

99.8%

JSON
Related for SAINT:8CF82E3A6397E9B8435C50AC077BEDC8
checkpoint_advisories1packetstorm2securityvulns2ubuntucve1saint3cve1prion1seebug2openvas8nessus13redhat1gentoo1suse1