15 matches found
Adobe Acrobat Reader customDictionaryOpen Memory Corruption - Ver2 (CVE-2009-1493)
A memory corruption vulnerability has been reported in Adobe Reader. The vulnerability is due to insufficient input validation in the implementation of the customDictionaryOpen JavaScript method. A remote attacker could exploit this vulnerability by enticing the target user to open a malicious PD...
Adobe Reader JavaScript spell.customDictionaryOpen Method Memory Corruption - Ver2 (CVE-2009-1493)
Adobe develops products for creating, distributing, and viewing Portable Document Format PDF documents. Adobe Reader is a viewer application that allows for reading and the printing of PDF documents. Adobe Acrobat provides PDF authoring functionality in addition to those of viewing. A buffer...
SuSE 10 Security Update : acroread_ja (ZYPP Patch Number 6264)
This update of acroread fixes two vulnerabilities in the JavaScript API that allow attackers to execute arbitrary code with a malformed PDF file. CVE-2009-1492 / CVE-2009-1493 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc...
SuSE 11 Security Update : Acrobat Reader (SAT Patch Number 899)
This update of acroread fixes two vulnerabilities in the JavaScript API that allow attackers to execute arbitrary code with a malformed PDF file. CVE-2009-1492 / CVE-2009-1493 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracte...
SuSE 11 Security Update : acroread_ja (SAT Patch Number 904)
This update of acroread fixes two vulnerabilities in the JavaScript API that allow attackers to execute arbitrary code with a malformed PDF file. CVE-2009-1492 / CVE-2009-1493 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracte...
RHEL 5 : acroread (RHSA-2009:0478)
The remote Redhat Enterprise Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2009:0478 advisory. Adobe Reader allows users to view and print documents in Portable Document Format PDF. Two flaws were discovered in Adobe Reader's JavaScrip...
openSUSE Security Update : acroread (acroread-893)
This update of acroread fixes two vulnerabilities in the JavaScript API that allow attackers to execute arbitrary code with a malformed PDF file. CVE-2009-1492,CVE-2009-1493 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted...
openSUSE Security Update : acroread (acroread-893)
This update of acroread fixes two vulnerabilities in the JavaScript API that allow attackers to execute arbitrary code with a malformed PDF file. CVE-2009-1492,CVE-2009-1493 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted...
SuSE Security Advisory SUSE-SA:2009:027 (acroread)
The remote host is missing updates announced in advisory SUSE-SA:2009:027. OpenVAS Vulnerability Test $Id: susesa2009027.nasl 6668 2017-07-11 13:34:29Z cfischer $ Description: Auto-generated from advisory SUSE-SA:2009:027 acroread Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...
SUSE: Security Advisory for acroread (SUSE-SA:2009:027)
The remote host is missing updates announced in advisory SUSE-SA:2009:027. Copyright C 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software...
RedHat Security Advisory RHSA-2009:0478
The remote host is missing updates announced in advisory RHSA-2009:0478. Adobe Reader allows users to view and print documents in Portable Document Format PDF. Two flaws were discovered in Adobe Reader SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a...
US-CERT Technical Cyber Security Alert TA09-133B -- Adobe Reader and Acrobat JavaScript Vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 National Cyber Alert System Technical Cyber Security Alert TA09-133B Adobe Reader and Acrobat JavaScript Vulnerabilities Original release date: May 13, 2009 Last revised: -- Source: US-CERT Systems Affected Adobe Reader versions 9.1, 8.1.4, 7.1.1 and...
Critical: Red Hat Security Advisory: acroread security update
Updated acroread packages that fix two security issues are now available for Red Hat Enterprise Linux 3 Extras, Red Hat Enterprise Linux 4 Extras, and Red Hat Enterprise Linux 5 Supplementary. This update has been rated as having critical security impact by the Red Hat Security Response Team. Ado...
Adobe Reader Javascript API spell.customDictonaryOpen memory corruption
Added: 05/12/2009 CVE: CVE-2009-1493 BID: 34740 OSVDB: 54129 Background Adobe Reader is free software for viewing PDF documents. Problem A memory corruption vulnerability in the Javascript API in Adobe Reader allows command execution when a user opens a specially crafted PDF file which calls the...
CVE-2009-1493
The CVE-2009-1493 issue affects Adobe Reader 9.1, 8.1.4, 7.1.1 and earlier on Linux/UNIX. It stems from the JavaScript API function customDictionaryOpen, where insufficient input validation allows a long string in the second argument to trigger memory corruption and remote code execution or a den...