6.8

CVE-2009-1493

Exploit

EPSS 76.13%
Published 30.04.2009 20:30:00
Last modified 09.04.2025 00:30:58
Source cve@mitre.org
Teams watchlist Login
Open Login

The customDictionaryOpen spell method in the JavaScript API in Adobe Reader 9.1, 8.1.4, 7.1.1, and earlier on Linux and UNIX allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a PDF file that triggers a call to this method with a long string in the second argument.

Affected products Warnungen 0 Metrics 2 CWE 0 References 29

Data is provided by the National Vulnerability Database (NVD)

Adobe ≫ Reader Version8.1.4

Linux ≫ Linux Kernel Version-

Adobe ≫ Reader Version9.1

Linux ≫ Linux Kernel Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	76.13%	0.988

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	6.8	8.6	6.4	AV:N/AC:M/Au:N/C:P/I:P/A:P

http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.html

Third Party Advisory

Mailing List

http://secunia.com/advisories/35416

Broken Link

http://blogs.adobe.com/psirt/2009/04/update_on_adobe_reader_issue.html

Vendor Advisory

http://blogs.adobe.com/psirt/2009/05/adobe_reader_issue_update.html

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00001.html

Third Party Advisory

Mailing List

http://secunia.com/advisories/34924

Broken Link

http://secunia.com/advisories/35055

Broken Link

http://secunia.com/advisories/35096

Broken Link

http://secunia.com/advisories/35152

Broken Link

http://secunia.com/advisories/35358

Broken Link

http://secunia.com/advisories/35734

Broken Link

http://security.gentoo.org/glsa/glsa-200907-06.xml

Third Party Advisory

http://sunsolve.sun.com/search/document.do?assetkey=1-66-259028-1

Broken Link

http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=926953

Third Party Advisory

http://www.adobe.com/support/security/bulletins/apsb09-06.html

Third Party Advisory

http://www.kb.cert.org/vuls/id/970180

Third Party Advisory

US Government Resource

http://www.redhat.com/support/errata/RHSA-2009-0478.html

Third Party Advisory

http://www.securitytracker.com/id?1022139

Third Party Advisory

VDB Entry

http://www.us-cert.gov/cas/techalerts/TA09-133B.html

Third Party Advisory

US Government Resource

http://www.vupen.com/english/advisories/2009/1189

Broken Link

http://www.vupen.com/english/advisories/2009/1317

Broken Link

http://osvdb.org/54129

Broken Link

http://packetstorm.linuxsecurity.com/0904-exploits/spell.txt

Exploit

http://www.securityfocus.com/bid/34740

Third Party Advisory

Exploit

VDB Entry

https://exchange.xforce.ibmcloud.com/vulnerabilities/50146

Third Party Advisory

VDB Entry

https://www.exploit-db.com/exploits/8570

Third Party Advisory

VDB Entry

https://nvd.nist.gov/vuln/detail/CVE-2009-1493

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2009-1493

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2009-1493

EUVD