Lucene search

K
ubuntucveUbuntu.comUB:CVE-2009-4324
HistoryDec 15, 2009 - 12:00 a.m.

CVE-2009-4324

2009-12-1500:00:00
ubuntu.com
ubuntu.com
18

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS

0.97

Percentile

99.8%

Use-after-free vulnerability in the Doc.media.newPlayer method in
Multimedia.api in Adobe Reader and Acrobat 9.x before 9.3, and 8.x before
8.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary
code via a crafted PDF file using ZLib compressed streams, as exploited in
the wild in December 2009.

OSVersionArchitecturePackageVersionFilename
ubuntu8.04noarchacroread< 9.3.1-1hardy2UNKNOWN
ubuntu8.10noarchacroread< 9.3.1-1intrepid1UNKNOWN
ubuntu9.04noarchacroread< 9.3.1-1jaunty1UNKNOWN
ubuntu9.10noarchacroread< 9.3.1-1karmic1UNKNOWN

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS

0.97

Percentile

99.8%