CVE-2009-4324

Use-after-free vulnerability in the Doc.media.newPlayer method in Multimedia.api in Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code via a crafted PDF file using ZLib compressed streams, as exploited in the wild in December 2009.

| Provider | Type | Base Score | Atk. Vector | Atk. Complexity | Priv. Required | Vector |
|---|---|---|---|---|---|---|
| NIST | NIST | 7.8 HIGH | LOCAL | LOW | NONE | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
| adobe | CNA | --- | | | | --- |
| CVE | ADP | --- | | | | --- |
| CISA-ADP | ADP | 7.8 HIGH | LOCAL | LOW | NONE | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |

EPSS Score Percentile: 99%

| Vendor | Product | Version |
|---|---|---|
| adobe | acrobat | 8.0 ≤ 𝑥 < 8.2 |
| adobe | acrobat | 9.0 ≤ 𝑥 < 9.3 |
| adobe | acrobat_reader | 8.0 ≤ 𝑥 < 8.2 |
| adobe | acrobat_reader | 9.0 ≤ 𝑥 < 9.3 |
| opensuse | opensuse | 11.1 |
| opensuse | opensuse | 11.2 |
| suse | linux_enterprise | 10.0:sp2 |
| suse | linux_enterprise | 10.0:sp3 |

𝑥 = Vulnerable software versions
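
Ubuntu Releases

| Ubuntu Product | Codename | Fixed Version | Status |
|---|---|---|---|
| acroread | karmic | Fixed 9.3.1-1karmic1 | released |
| acroread | jaunty | Fixed 9.3.1-1jaunty1 | released |
| acroread | intrepid | Fixed 9.3.1-1intrepid1 | released |
| acroread | hardy | Fixed 9.3.1-1hardy2 | released |
| acroread | dapper | | ignored |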