9.3

CVE-2009-1492

Exploit
The getAnnots Doc method in the JavaScript API in Adobe Reader and Acrobat 9.1, 8.1.4, 7.1.1, and earlier allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a PDF file that contains an annotation, and has an OpenAction entry with JavaScript code that calls this method with crafted integer arguments.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
AdobeAcrobat Version >= 7.0 <= 7.1.1
AdobeAcrobat Version >= 8.0 <= 8.1.4
AdobeAcrobat Version >= 9.0 <= 9.1
AdobeAcrobat Reader Version >= 7.0 <= 7.1.1
AdobeAcrobat Reader Version >= 8.0 <= 8.1.4
AdobeAcrobat Reader Version >= 9.0 <= 9.1
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 25.52% 0.977
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 9.3 8.6 10
AV:N/AC:M/Au:N/C:C/I:C/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.html
Third Party Advisory
Mailing List
http://secunia.com/advisories/35416
Third Party Advisory
http://blogs.adobe.com/psirt/2009/04/potential_adobe_reader_issue.html
Vendor Advisory
http://blogs.adobe.com/psirt/2009/04/update_on_adobe_reader_issue.html
Vendor Advisory
http://blogs.adobe.com/psirt/2009/05/adobe_reader_issue_update.html
Vendor Advisory
http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00001.html
Third Party Advisory
Mailing List
http://osvdb.org/54130
Broken Link
http://packetstorm.linuxsecurity.com/0904-exploits/getannots.txt
Third Party Advisory
Exploit
http://secunia.com/advisories/34924
Third Party Advisory
http://secunia.com/advisories/35055
Third Party Advisory
http://secunia.com/advisories/35096
Third Party Advisory
http://secunia.com/advisories/35152
Third Party Advisory
http://secunia.com/advisories/35358
Third Party Advisory
http://secunia.com/advisories/35734
Third Party Advisory
http://security.gentoo.org/glsa/glsa-200907-06.xml
Third Party Advisory
http://sunsolve.sun.com/search/document.do?assetkey=1-66-259028-1
Broken Link
http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=926953
Third Party Advisory
http://www.adobe.com/support/security/bulletins/apsb09-06.html
Vendor Advisory
http://www.kb.cert.org/vuls/id/970180
Third Party Advisory
US Government Resource
http://www.redhat.com/support/errata/RHSA-2009-0478.html
Third Party Advisory
http://www.securityfocus.com/bid/34736
Third Party Advisory
Exploit
VDB Entry
http://www.securitytracker.com/id?1022139
Third Party Advisory
VDB Entry
http://www.us-cert.gov/cas/techalerts/TA09-133B.html
Third Party Advisory
US Government Resource
http://www.vupen.com/english/advisories/2009/1189
Third Party Advisory
http://www.vupen.com/english/advisories/2009/1317
Third Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/50145
Third Party Advisory
VDB Entry
https://www.exploit-db.com/exploits/8569
Third Party Advisory
VDB Entry