Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
saintSAINT CorporationSAINT:AC43C22A92094CD032FDE7DE614FFD7A
HistoryNov 20, 2009 - 12:00 a.m.

Adobe Acrobat Reader U3D CLODMeshContinuation Code Execution

2009-11-2000:00:00
SAINT Corporation
www.saintcorporation.com
22

0.009 Low

EPSS

Percentile

80.3%

JSON

Added: 11/20/2009
CVE: CVE-2009-2997
BID: 36638
OSVDB: 58926

Background

Adobe Reader is free software for viewing PDF documents.

Problem

A heap memory corruption vulnerability exists in Adobe Acrobat Reader. The vulnerability is due to an input validation error while parsing Universal 3D (U3D) files with a specially crafted field in the CLODMeshDeclaration block.

Resolution

Apply one of the security patches referenced in Adobe Security Bulletin APSB09-15.

References

<http://securitytracker.com/id?1023007&gt;

Limitations

Exploit works on Adobe Reader 9.1.

The user must open the exploit file in Adobe Reader and click on the square image box.

Platforms

Windows

Related

ubuntucve 1
saint 7
prion 1
cve 1
securityvulns 2
openvas 8
redhat 1
nessus 13
gentoo 1
seebug 1
suse 1
ubuntucve
ubuntucve
CVE-2009-2997
2009-10-19 00:00:00
saint
saint
Adobe Acrobat Reader U3D CLODMeshContinuation Code Execution
2009-11-20 00:00:00
Adobe Acrobat Reader U3D CLODMeshContinuation Code Execution
2009-11-20 00:00:00
Adobe Acrobat Reader U3D CLODMeshContinuation Code Execution
2009-11-20 00:00:00
prion
prion
Heap overflow
2009-10-19 22:30:00
cve
cve
CVE-2009-2997
2009-10-19 22:30:00
securityvulns
securityvulns
VUPEN Security - Adobe Acrobat and Reader U3D Filter Code Execution Vulnerabilities
2009-10-17 00:00:00
Adobe Acrobat / Reader multiple security vulnerabilities
2009-10-19 00:00:00
openvas
openvas
RedHat Security Advisory RHSA-2009:1499
2009-10-19 00:00:00
RedHat Security Advisory RHSA-2009:1499
2009-10-19 00:00:00
Gentoo Security Advisory GLSA 200910-03 (acroread)
2009-10-27 00:00:00
redhat
redhat
(RHSA-2009:1499) Critical: acroread security update
2009-10-14 00:00:00
nessus
nessus
RHEL 3 / 4 / 5 : acroread (RHSA-2009:1499)
2009-10-15 00:00:00
GLSA-200910-03 : Adobe Reader: Multiple vulnerabilities
2009-10-26 00:00:00
SuSE 10 Security Update : acroread_ja (ZYPP Patch Number 6584)
2011-01-27 00:00:00
gentoo
gentoo
Adobe Reader: Multiple vulnerabilities
2009-10-25 00:00:00
seebug
seebug
Adobe Reader: Multiple vulnerabilities
2009-10-27 00:00:00
suse
suse
remote code execution in acroread, acroread_ja
2009-10-26 13:17:31

0.009 Low

EPSS

Percentile

80.3%

JSON
Related for SAINT:AC43C22A92094CD032FDE7DE614FFD7A
ubuntucve1saint7prion1cve1securityvulns2openvas8redhat1nessus13gentoo1seebug1suse1