Adobe Reader: User-assisted execution of arbitrary code

Background Adobe Reader formerly Adobe Acrobat Reader is a closed-source PDF reader. Description Multiple vulnerabilities have been discovered in Adobe Reader: Alin Rad Pop of Secunia Research reported a heap-based buffer overflow when processing PDF files containing a malformed JBIG2 symbol...

Adobe JBIG2Decode Heap Corruption

This module exploits a heap-based pointer corruption flaw in Adobe Reader 9.0.0 and earlier. This module relies upon javascript for the heap spray. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'zlib' class...

SuSE Security Advisory SUSE-SA:2009:014 (acroread)

The remote host is missing updates announced in advisory SUSE-SA:2009:014. OpenVAS Vulnerability Test $Id: susesa2009014.nasl 6668 2017-07-11 13:34:29Z cfischer $ Description: Auto-generated from advisory SUSE-SA:2009:014 acroread Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...

SUSE: Security Advisory for acroread (SUSE-SA:2009:014)

The remote host is missing updates announced in advisory SUSE-SA:2009:014. Copyright C 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software...

RedHat Security Advisory RHSA-2009:0376

The remote host is missing updates announced in advisory RHSA-2009:0376. Adobe Reader allows users to view and print documents in Portable Document Format PDF. Multiple input validation flaws were discovered in the JBIG2 compressed images decoder used by Adobe Reader. A malicious PDF file could...

RedHat Security Advisory RHSA-2009:0376

The remote host is missing updates announced in advisory RHSA-2009:0376. Adobe Reader allows users to view and print documents in Portable Document Format PDF. Multiple input validation flaws were discovered in the JBIG2 compressed images decoder used by Adobe Reader. A malicious PDF file could...

Adobe Collab.getIcon() Buffer Overflow

This module exploits a buffer overflow in Adobe Reader and Adobe Acrobat. Affected versions include 'Adobe Collab.getIcon Buffer Overflow', 'Description' = %q This module exploits a buffer overflow in Adobe Reader and Adobe Acrobat. Affected versions include MSFLICENSE, 'Author' = 'MC', 'Didier...

Adobe JBIG2Decode Memory Corruption

This module exploits a heap-based pointer corruption flaw in Adobe Reader 9.0.0 and earlier. This module relies upon javascript for the heap spray. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'zlib' class...

Adobe Acrobat JavaScript getIcon method buffer overflow

Added: 03/27/2009 CVE: CVE-2009-0927 BID: 34169 Background Adobe Acrobat is software for creating PDF documents. Adobe Reader is free software for viewing PDF documents. Problem A buffer overflow vulnerability allows command execution when a user opens a PDF file which calls the JavaScript getIco...

Adobe Acrobat JavaScript getIcon method buffer overflow

Added: 03/27/2009 CVE: CVE-2009-0927 BID: 34169 Background Adobe Acrobat is software for creating PDF documents. Adobe Reader is free software for viewing PDF documents. Problem A buffer overflow vulnerability allows command execution when a user opens a PDF file which calls the JavaScript getIco...

openSUSE 10 Security Update : acroread (acroread-6120)

Multiple flaws in the JBIG2 decoder and the JavaScript engine of the Adobe Reader allowed attackers to crash acroread or even execute arbitrary code by tricking users into opening specially crafted PDF files. CVE-2009-0658, CVE-2009-0927, CVE-2009-0193, CVE-2009-0928, CVE-2009-1061, CVE-2009-1062...

Critical: Red Hat Security Advisory: acroread security update

Updated acroread packages that fix multiple security issues are now available for Red Hat Enterprise Linux 3 Extras, Red Hat Enterprise Linux 4 Extras, and Red Hat Enterprise Linux 5 Supplementary. This update has been rated as having critical security impact by the Red Hat Security Response Team...

acroread: multiple JBIG2-related security flaws

Buffer overflow in Adobe Reader 9.0 and earlier, and Acrobat 9.0 and earlier, allows remote attackers to execute arbitrary code via a crafted PDF document, related to a non-JavaScript function call and possibly an embedded JBIG2 image stream, as exploited in the wild in February 2009 by...

CVE-2009-0193

Heap-based buffer overflow in Adobe Acrobat Reader 9 before 9.1, 8 before 8.1.4, and 7 before 7.1.1 allows remote attackers to execute arbitrary code via a PDF file with a malformed JBIG2 symbol dictionary segment, a different vulnerability than CVE-2009-1061 and CVE-2009-1062...

Secunia Research: Adobe Reader JBIG2 Symbol Dictionary Buffer Overflow

====================================================================== Secunia Research 25/03/2009 - Adobe Reader JBIG2 Symbol Dictionary Buffer Overflow - ====================================================================== Table of Contents Affected...

Adobe Acrobat和Reader JBIG2图形处理堆溢出漏洞

BUGTRAQ ID: 34229 CVECAN ID: CVE-2009-0928,CVE-2009-0193 Adobe Acrobat和Reader都是非常流行的PDF文件阅读器。 Adobe Acrobat和Reader在解析PDF文件中的JBIG2编码流时存在堆溢出漏洞。在解析JBIG2流的内容时，使用了表格中一个代表数值数目的32 位值来分配堆缓冲区，然后未经边界检查便使用文件中的值填充这个缓冲区，因此可能触发堆溢出。成功利用这个漏洞允许以当前登录用户的权限完全控制受影响的机器。 Adobe Acrobat 9 Adobe Acrobat 8 Adobe Acrobat 7....

Adobe Acrobat getIcon() Stack Overflow Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat and Adobe Reader. User interaction is required in that a user must visit a malicious web site or open a malicious file. The specific flaw exists when processing malicious JavaScript...

CVE-2009-0927

Stack-based buffer overflow in Adobe Reader and Adobe Acrobat 9 before 9.1, 8 before 8.1.3 , and 7 before 7.1.1 allows remote attackers to execute arbitrary code via a crafted argument to the getIcon method of a Collab object, a different vulnerability than CVE-2009-0658...

CVE-2009-0927

Stack-based buffer overflow in Adobe Reader and Adobe Acrobat 9 before 9.1, 8 before 8.1.3 , and 7 before 7.1.1 allows remote attackers to execute arbitrary code via a crafted argument to the getIcon method of a Collab object, a different vulnerability than CVE-2009-0658...

CVE-2009-0927

Stack-based buffer overflow in Adobe Reader and Adobe Acrobat 9 before 9.1, 8 before 8.1.3 , and 7 before 7.1.1 allows remote attackers to execute arbitrary code via a crafted argument to the getIcon method of a Collab object, a different vulnerability than CVE-2009-0658...