9.3

CVE-2009-0658

Buffer overflow in Adobe Reader 9.0 and earlier, and Acrobat 9.0 and earlier, allows remote attackers to execute arbitrary code via a crafted PDF document, related to a non-JavaScript function call and possibly an embedded JBIG2 image stream, as exploited in the wild in February 2009 by Trojan.Pidief.E.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
AdobeAcrobat Version >= 7.0 <= 7.1.1
AdobeAcrobat Version >= 8.0 <= 8.1.4
AdobeAcrobat Version9.0
AdobeAcrobat Reader Version >= 7.0 <= 7.1.1
AdobeAcrobat Reader Version >= 8.0 <= 8.1.4
AdobeAcrobat Reader Version9.0
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 87.72% 0.997
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
nvd@nist.gov 9.3 8.6 10
AV:N/AC:M/Au:N/C:C/I:C/A:C
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

http://www.adobe.com/support/security/bulletins/apsb09-04.html
Vendor Advisory
http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html
Third Party Advisory
http://isc.sans.org/diary.html?n&storyid=5902
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00005.html
Third Party Advisory
http://osvdb.org/52073
Broken Link
http://secunia.com/advisories/33901
Third Party Advisory
http://secunia.com/advisories/34392
Third Party Advisory
http://secunia.com/advisories/34490
Third Party Advisory
http://secunia.com/advisories/34706
Third Party Advisory
http://secunia.com/advisories/34790
Third Party Advisory
http://security.gentoo.org/glsa/glsa-200904-17.xml
Third Party Advisory
http://sunsolve.sun.com/search/document.do?assetkey=1-66-256788-1
Third Party Advisory
http://www.adobe.com/support/security/advisories/apsa09-01.html
Vendor Advisory
http://www.kb.cert.org/vuls/id/905281
Third Party Advisory
US Government Resource
http://www.redhat.com/support/errata/RHSA-2009-0376.html
Third Party Advisory
http://www.securityfocus.com/bid/33751
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id?1021739
Third Party Advisory
VDB Entry
http://www.shadowserver.org/wiki/pmwiki.php?n=Calendar.20090219
Third Party Advisory
http://www.symantec.com/security_response/writeup.jsp?docid=2009-021212-5523-99&tabid=2
Third Party Advisory
http://www.us-cert.gov/cas/techalerts/TA09-051A.html
Third Party Advisory
US Government Resource
http://www.vupen.com/english/advisories/2009/0472
Third Party Advisory
http://www.vupen.com/english/advisories/2009/1019
Third Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/48825
VDB Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5697
Tool Signature
https://www.exploit-db.com/exploits/8090
Third Party Advisory
VDB Entry
https://www.exploit-db.com/exploits/8099
Third Party Advisory
VDB Entry