CVE-2009-3431

Stack consumption vulnerability in Adobe Reader and Acrobat 9.1.3, 9.1.2, 9.1.1, and earlier 9.x versions; 8.1.6 and earlier 8.x versions; and possibly 7.1.4 and earlier 7.x versions allows remote attackers to cause a denial of service (application crash) via a PDF file with a large number of [ (open square bracket) characters in the argument to the alert method. NOTE: some of these details are obtained from third party information.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:N/I:N/A:P
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 95%
VendorProductVersion
adobeacrobat
7.0
adobeacrobat
7.0
adobeacrobat
7.0
adobeacrobat
7.0.1
adobeacrobat
7.0.1
adobeacrobat
7.0.1
adobeacrobat
7.0.2
adobeacrobat
7.0.2
adobeacrobat
7.0.2
adobeacrobat
7.0.3
adobeacrobat
7.0.3
adobeacrobat
7.0.3
adobeacrobat
7.0.4
adobeacrobat
7.0.4
adobeacrobat
7.0.4
adobeacrobat
7.0.5
adobeacrobat
7.0.5
adobeacrobat
7.0.5
adobeacrobat
7.0.6
adobeacrobat
7.0.6
adobeacrobat
7.0.6
adobeacrobat
7.0.7
adobeacrobat
7.0.7
adobeacrobat
7.0.7
adobeacrobat
7.0.8
adobeacrobat
7.0.8
adobeacrobat
7.0.8
adobeacrobat
7.0.8
adobeacrobat
7.0.9
adobeacrobat
7.0.9
adobeacrobat
7.1
adobeacrobat
7.1
adobeacrobat
7.1
adobeacrobat
7.1.0
adobeacrobat
7.1.1
adobeacrobat
7.1.1
adobeacrobat
8.0
adobeacrobat
8.0
adobeacrobat
8.0
adobeacrobat
8.1
adobeacrobat
8.1
adobeacrobat
8.1.1
adobeacrobat
8.1.1
adobeacrobat
8.1.1
adobeacrobat
8.1.2
adobeacrobat
8.1.2
adobeacrobat
8.1.2
adobeacrobat
8.1.2:security_update
adobeacrobat
8.1.3
adobeacrobat
8.1.3
adobeacrobat
8.1.3
adobeacrobat
8.1.4
adobeacrobat
8.1.4
adobeacrobat
8.1.4
adobeacrobat
9.0
adobeacrobat
9.0
adobeacrobat
9.0.0
adobeacrobat
9.1
adobeacrobat
9.1
adobeacrobat_reader
7.0
adobeacrobat_reader
7.0.1
adobeacrobat_reader
7.0.2
adobeacrobat_reader
7.0.3
adobeacrobat_reader
7.0.4
adobeacrobat_reader
7.0.5
adobeacrobat_reader
7.0.6
adobeacrobat_reader
7.0.7
adobeacrobat_reader
7.0.8
adobeacrobat_reader
7.0.9
adobeacrobat_reader
7.1
adobeacrobat_reader
7.1.1
adobeacrobat_reader
8.0
adobeacrobat_reader
8.1
adobeacrobat_reader
8.1.1
adobeacrobat_reader
8.1.2
adobeacrobat_reader
8.1.2:security_update
adobeacrobat_reader
8.1.3
adobeacrobat_reader
8.1.4
adobeacrobat_reader
8.1.5
adobeacrobat_reader
9.1
adobeacrobat_reader
9.1.1
adobeacrobat_reader
9.1.2
adobeacrobat_reader
9.1.3
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
acroread
karmic
Fixed 9.2-1karmic1
released
jaunty
Fixed 9.2-1jaunty1
released
intrepid
Fixed 9.2-1intrepid2
released
hardy
Fixed 9.2-1
released
dapper
ignored
Common Weakness Enumeration
References
http://securitytracker.com/id?1023007
http://www.adobe.com/support/security/bulletins/apsb09-15.html
http://www.securityfocus.com/bid/35148
http://www.us-cert.gov/cas/techalerts/TA09-286B.html
http://www.vupen.com/english/advisories/2009/2898
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6532
http://securitytracker.com/id?1023007
http://www.adobe.com/support/security/bulletins/apsb09-15.html
http://www.securityfocus.com/bid/35148
http://www.us-cert.gov/cas/techalerts/TA09-286B.html
http://www.vupen.com/english/advisories/2009/2898
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6532