CVE-2009-1857

EUVD-2009-1852
Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Reader 9 and Acrobat 9 before 9.1.2 allow attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a PDF document with a crafted TrueType font.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:C/I:C/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 92%
Affected Products (NVD)
VendorProductVersion
adobeacrobat
7.0
adobeacrobat
7.0
adobeacrobat
7.0
adobeacrobat
7.0.1
adobeacrobat
7.0.1
adobeacrobat
7.0.1
adobeacrobat
7.0.2
adobeacrobat
7.0.2
adobeacrobat
7.0.2
adobeacrobat
7.0.3
adobeacrobat
7.0.3
adobeacrobat
7.0.3
adobeacrobat
7.0.4
adobeacrobat
7.0.4
adobeacrobat
7.0.4
adobeacrobat
7.0.5
adobeacrobat
7.0.5
adobeacrobat
7.0.5
adobeacrobat
7.0.6
adobeacrobat
7.0.6
adobeacrobat
7.0.6
adobeacrobat
7.0.7
adobeacrobat
7.0.7
adobeacrobat
7.0.7
adobeacrobat
7.0.8
adobeacrobat
7.0.8
adobeacrobat
7.0.8
adobeacrobat
7.0.8
adobeacrobat
7.0.9
adobeacrobat
7.0.9
adobeacrobat
7.1
adobeacrobat
7.1
adobeacrobat
7.1
adobeacrobat
7.1.0
adobeacrobat
7.1.1
adobeacrobat
7.1.1
adobeacrobat
8.0
adobeacrobat
8.0
adobeacrobat
8.0
adobeacrobat
8.1
adobeacrobat
8.1
adobeacrobat
8.1.1
adobeacrobat
8.1.1
adobeacrobat
8.1.1
adobeacrobat
8.1.2
adobeacrobat
8.1.2
adobeacrobat
8.1.2
adobeacrobat
8.1.2:security_update
adobeacrobat
8.1.3
adobeacrobat
8.1.3
adobeacrobat
8.1.3
adobeacrobat
8.1.4
adobeacrobat
8.1.4
adobeacrobat
8.1.4
adobeacrobat
9.0
adobeacrobat
9.0
adobeacrobat
9.0.0
adobeacrobat
9.1
adobeacrobat
9.1
adobeacrobat_reader
7.0
adobeacrobat_reader
7.0.1
adobeacrobat_reader
7.0.2
adobeacrobat_reader
7.0.3
adobeacrobat_reader
7.0.4
adobeacrobat_reader
7.0.5
adobeacrobat_reader
7.0.6
adobeacrobat_reader
7.0.7
adobeacrobat_reader
7.0.8
adobeacrobat_reader
7.0.9
adobeacrobat_reader
7.1
adobeacrobat_reader
7.1.1
adobeacrobat_reader
8.0
adobeacrobat_reader
8.1
adobeacrobat_reader
8.1.1
adobeacrobat_reader
8.1.2
adobeacrobat_reader
8.1.2:security_update
adobeacrobat_reader
8.1.3
adobeacrobat_reader
8.1.4
adobeacrobat_reader
8.1.5
adobeacrobat_reader
9.1
adobeacrobat_reader
9.1.1
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
acroread
dapper
ignored
hardy
Fixed 9.1.2-0hardy3
released
intrepid
Fixed 9.1.2-3intrepid1
released
jaunty
Fixed 9.1.2-3jaunty1
released
karmic
Fixed 9.2-1karmic1
released
Common Weakness Enumeration
References
http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00000.html
http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html
http://secunia.com/advisories/34580
http://secunia.com/advisories/35496
http://secunia.com/advisories/35655
http://secunia.com/advisories/35685
http://secunia.com/advisories/35734
http://security.gentoo.org/glsa/glsa-200907-06.xml
http://securitytracker.com/id?1022361
http://www.adobe.com/support/security/bulletins/apsb09-07.html
http://www.fortiguardcenter.com/advisory/FGA-2009-25.html
http://www.redhat.com/support/errata/RHSA-2009-1109.html
http://www.securityfocus.com/archive/1/504239/100/0/threaded
http://www.securityfocus.com/bid/35274
http://www.securityfocus.com/bid/35296
http://www.us-cert.gov/cas/techalerts/TA09-161A.html
http://www.vupen.com/english/advisories/2009/1547
http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00000.html
http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html
http://secunia.com/advisories/34580
http://secunia.com/advisories/35496
http://secunia.com/advisories/35655
http://secunia.com/advisories/35685
http://secunia.com/advisories/35734
http://security.gentoo.org/glsa/glsa-200907-06.xml
http://securitytracker.com/id?1022361
http://www.adobe.com/support/security/bulletins/apsb09-07.html
http://www.fortiguardcenter.com/advisory/FGA-2009-25.html
http://www.redhat.com/support/errata/RHSA-2009-1109.html
http://www.securityfocus.com/archive/1/504239/100/0/threaded
http://www.securityfocus.com/bid/35274
http://www.securityfocus.com/bid/35296
http://www.us-cert.gov/cas/techalerts/TA09-161A.html
http://www.vupen.com/english/advisories/2009/1547