CVE-2009-0198

EUVD-2009-0207
Heap-based buffer overflow in the JBIG2 filter in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Reader 9 and Acrobat 9 before 9.1.2 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted PDF file that contains JBIG2 text region segments with Huffman encoding.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:C/I:C/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 93%
Affected Products (NVD)
VendorProductVersion
adobeacrobat
7.0
adobeacrobat
7.0
adobeacrobat
7.0
adobeacrobat
7.0.1
adobeacrobat
7.0.1
adobeacrobat
7.0.1
adobeacrobat
7.0.2
adobeacrobat
7.0.2
adobeacrobat
7.0.2
adobeacrobat
7.0.3
adobeacrobat
7.0.3
adobeacrobat
7.0.3
adobeacrobat
7.0.4
adobeacrobat
7.0.4
adobeacrobat
7.0.4
adobeacrobat
7.0.5
adobeacrobat
7.0.5
adobeacrobat
7.0.5
adobeacrobat
7.0.6
adobeacrobat
7.0.6
adobeacrobat
7.0.6
adobeacrobat
7.0.7
adobeacrobat
7.0.7
adobeacrobat
7.0.7
adobeacrobat
7.0.8
adobeacrobat
7.0.8
adobeacrobat
7.0.8
adobeacrobat
7.0.8
adobeacrobat
7.0.9
adobeacrobat
7.0.9
adobeacrobat
7.1
adobeacrobat
7.1
adobeacrobat
7.1
adobeacrobat
7.1.0
adobeacrobat
7.1.1
adobeacrobat
7.1.1
adobeacrobat
8.0
adobeacrobat
8.0
adobeacrobat
8.0
adobeacrobat
8.1
adobeacrobat
8.1
adobeacrobat
8.1.1
adobeacrobat
8.1.1
adobeacrobat
8.1.1
adobeacrobat
8.1.2
adobeacrobat
8.1.2
adobeacrobat
8.1.2
adobeacrobat
8.1.2:security_update
adobeacrobat
8.1.3
adobeacrobat
8.1.3
adobeacrobat
8.1.3
adobeacrobat
8.1.4
adobeacrobat
8.1.4
adobeacrobat
8.1.4
adobeacrobat
9.0
adobeacrobat
9.0
adobeacrobat
9.0.0
adobeacrobat
9.1
adobeacrobat
9.1
adobeacrobat_reader
7.0
adobeacrobat_reader
7.0.1
adobeacrobat_reader
7.0.2
adobeacrobat_reader
7.0.3
adobeacrobat_reader
7.0.4
adobeacrobat_reader
7.0.5
adobeacrobat_reader
7.0.6
adobeacrobat_reader
7.0.7
adobeacrobat_reader
7.0.8
adobeacrobat_reader
7.0.9
adobeacrobat_reader
7.1
adobeacrobat_reader
7.1.1
adobeacrobat_reader
8.0
adobeacrobat_reader
8.1
adobeacrobat_reader
8.1.1
adobeacrobat_reader
8.1.2
adobeacrobat_reader
8.1.2:security_update
adobeacrobat_reader
8.1.3
adobeacrobat_reader
8.1.4
adobeacrobat_reader
8.1.5
adobeacrobat_reader
9.1
adobeacrobat_reader
9.1.1
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
acroread
dapper
ignored
hardy
Fixed 9.1.2-0hardy3
released
intrepid
Fixed 9.1.2-3intrepid1
released
jaunty
Fixed 9.1.2-3jaunty1
released
karmic
Fixed 9.2-1karmic1
released
Common Weakness Enumeration
References
http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00000.html
http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html
http://secunia.com/advisories/34580
http://secunia.com/advisories/35496
http://secunia.com/advisories/35655
http://secunia.com/advisories/35685
http://secunia.com/advisories/35734
http://secunia.com/secunia_research/2009-24/
http://security.gentoo.org/glsa/glsa-200907-06.xml
http://securitytracker.com/id?1022361
http://www.adobe.com/support/security/bulletins/apsb09-07.html
http://www.redhat.com/support/errata/RHSA-2009-1109.html
http://www.securityfocus.com/archive/1/504217/100/0/threaded
http://www.securityfocus.com/bid/35274
http://www.securityfocus.com/bid/35302
http://www.us-cert.gov/cas/techalerts/TA09-161A.html
http://www.vupen.com/english/advisories/2009/1547
https://exchange.xforce.ibmcloud.com/vulnerabilities/51015
http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00000.html
http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html
http://secunia.com/advisories/34580
http://secunia.com/advisories/35496
http://secunia.com/advisories/35655
http://secunia.com/advisories/35685
http://secunia.com/advisories/35734
http://secunia.com/secunia_research/2009-24/
http://security.gentoo.org/glsa/glsa-200907-06.xml
http://securitytracker.com/id?1022361
http://www.adobe.com/support/security/bulletins/apsb09-07.html
http://www.redhat.com/support/errata/RHSA-2009-1109.html
http://www.securityfocus.com/archive/1/504217/100/0/threaded
http://www.securityfocus.com/bid/35274
http://www.securityfocus.com/bid/35302
http://www.us-cert.gov/cas/techalerts/TA09-161A.html
http://www.vupen.com/english/advisories/2009/1547
https://exchange.xforce.ibmcloud.com/vulnerabilities/51015