CVE-2009-4324

Use-after-free vulnerability in the Doc.media.newPlayer method in Multimedia.api in Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code via a crafted PDF file using ZLib compressed streams, as exploited in the wild in December 2009.

CVSS v3 7.8 HIGH
CVSS v2.0 9.3 HIGH

7.8^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

9.3^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:M/Au:N/C:C/I:C/A:C

Exploitability : 8.6 / Impact : 10.0

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://blogs.adobe.com/psirt/2009/12/new_adobe_reader_and_acrobat_v.html	Broken Link Vendor Advisory
http://contagiodump.blogspot.com/2009/12/virustotal-httpwww.html	Exploit Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00009.html	Mailing List Third Party Advisory
http://osvdb.org/60980	Broken Link
http://secunia.com/advisories/37690	Broken Link Vendor Advisory
http://secunia.com/advisories/38138	Broken Link Vendor Advisory
http://secunia.com/advisories/38215	Broken Link Vendor Advisory
http://www.adobe.com/support/security/advisories/apsa09-07.html	Vendor Advisory
http://www.adobe.com/support/security/bulletins/apsb10-02.html	Not Applicable
http://www.kb.cert.org/vuls/id/508357	Third Party Advisory US Government Resource
http://www.metasploit.com/redmine/projects/framework/repository/revisions/7881/entry/modules/exploits/windows/fileformat/adobe_media_newplayer.rb	Broken Link
http://www.redhat.com/support/errata/RHSA-2010-0060.html	Broken Link
http://www.securityfocus.com/bid/37331	Broken Link Third Party Advisory VDB Entry
http://www.shadowserver.org/wiki/pmwiki.php/Calendar/20091214	Broken Link
http://www.symantec.com/connect/blogs/zero-day-xmas-present	Broken Link
http://www.us-cert.gov/cas/techalerts/TA10-013A.html	Third Party Advisory US Government Resource
http://www.vupen.com/english/advisories/2009/3518	Broken Link Vendor Advisory
http://www.vupen.com/english/advisories/2010/0103	Broken Link
https://bugzilla.redhat.com/show_bug.cgi?id=547799	Issue Tracking
https://exchange.xforce.ibmcloud.com/vulnerabilities/54747	Third Party Advisory VDB Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6795	Broken Link

Configurations

Configuration 1 (hide)

AND

OR	cpe:2.3:a:adobe:acrobat::::::::
	cpe:2.3:a:adobe:acrobat::::::::
	cpe:2.3:a:adobe:acrobat_reader::::::::
	cpe:2.3:a:adobe:acrobat_reader::::::::

OR	cpe:2.3:o:apple:mac_os_x:-:::::::*
	cpe:2.3:o:microsoft:windows:-:::::::*

Configuration 2 (hide)

OR	cpe:2.3:a:suse:linux_enterprise_debuginfo:11:-::::::
	cpe:2.3:o:opensuse:opensuse:11.1:::::::*
	cpe:2.3:o:opensuse:opensuse:11.2:::::::*
	cpe:2.3:o:suse:linux_enterprise:10.0:sp2::::::
	cpe:2.3:o:suse:linux_enterprise:10.0:sp3::::::

History

28 Jun 2024, 14:20

Type	Values Removed	Values Added
CPE	cpe:2.3:a:adobe:acrobat_reader:8.1.1:::::::* cpe:2.3:a:adobe:acrobat:6.0.2:::::::* cpe:2.3:a:adobe:acrobat_reader:4.0.5c:::::::* cpe:2.3:a:adobe:acrobat_reader:7.0.4:::::::* cpe:2.3:a:adobe:acrobat_reader:4.0.5a:::::::* cpe:2.3:a:adobe:acrobat_reader:7.0.3:::::::* cpe:2.3:a:adobe:acrobat_reader:5.0.6:::::::* cpe:2.3:a:adobe:acrobat_reader:7.0.9:::::::* cpe:2.3:a:adobe:acrobat_reader:5.0.10:::::::* cpe:2.3:a:adobe:acrobat:8.1.1:::::::* cpe:2.3:a:adobe:acrobat_reader:5.0.5:::::::* cpe:2.3:a:adobe:acrobat:6.0.4:::::::* cpe:2.3:a:adobe:acrobat_reader:9.0:::::::* cpe:2.3:a:adobe:acrobat_reader:4.0:::::::* cpe:2.3:a:adobe:acrobat:7.0.5:::::::* cpe:2.3:a:adobe:acrobat:7.0.6:::::::* cpe:2.3:a:adobe:acrobat:9.1:::::::* cpe:2.3:a:adobe:acrobat:7.0.3:::::::* cpe:2.3:a:adobe:acrobat:7.0:::::::* cpe:2.3:a:adobe:acrobat_reader:5.0.11:::::::* cpe:2.3:a:adobe:acrobat_reader:3.0:::::::* cpe:2.3:a:adobe:acrobat:6.0.1:::::::* cpe:2.3:a:adobe:acrobat_reader:4.5:::::::* cpe:2.3:a:adobe:acrobat_reader:5.0.9:::::::* cpe:2.3:a:adobe:acrobat_reader:6.0.2:::::::* cpe:2.3:a:adobe:acrobat_reader:6.0.4:::::::* cpe:2.3:a:adobe:acrobat_reader:9.1:::::::* cpe:2.3:a:adobe:acrobat_reader:4.0.5:::::::* cpe:2.3:a:adobe:acrobat_reader:8.0:::::::* cpe:2.3:a:adobe:acrobat:8.1:::::::* cpe:2.3:a:adobe:acrobat_reader:5.0.7:::::::* cpe:2.3:a:adobe:acrobat:7.0.8:::::::* cpe:2.3:a:adobe:acrobat_reader:7.0.6:::::::* cpe:2.3:a:adobe:acrobat:6.0:::::::* cpe:2.3:a:adobe:acrobat:7.0.7:::::::* cpe:2.3:a:adobe:acrobat_reader:5.1:::::::* cpe:2.3:a:adobe:acrobat:8.1.2:::::::* cpe:2.3:a:adobe:acrobat_reader:7.0.2:::::::* cpe:2.3:a:adobe:acrobat:7.0.1:::::::* cpe:2.3:a:adobe:acrobat:6.0.5:::::::* cpe:2.3:a:adobe:acrobat_reader:7.0.5:::::::* cpe:2.3:a:adobe:acrobat:7.0.2:::::::* cpe:2.3:a:adobe:acrobat_reader:6.0.3:::::::* cpe:2.3:a:adobe:acrobat_reader:6.0:::::::* cpe:2.3:a:adobe:acrobat_reader:7.0.7:::::::* cpe:2.3:a:adobe:acrobat_reader:8.1.2:::::::* cpe:2.3:a:adobe:acrobat:7.0.4:::::::* cpe:2.3:a:adobe:acrobat:8.0:::::::* cpe:2.3:a:adobe:acrobat:7.0.9:::::::* cpe:2.3:a:adobe:acrobat_reader:8.1:::::::* cpe:2.3:a:adobe:acrobat_reader:7.0:::::::* cpe:2.3:a:adobe:acrobat:9.0:::::::* cpe:2.3:a:adobe:acrobat_reader:6.0.1:::::::* cpe:2.3:a:adobe:acrobat_reader:7.0.8:::::::* cpe:2.3:a:adobe:acrobat_reader:7.0.1:::::::* cpe:2.3:a:adobe:acrobat:6.0.3:::::::* cpe:2.3:a:adobe:acrobat_reader:6.0.5:::::::* cpe:2.3:a:adobe:acrobat_reader:5.0:::::::*	cpe:2.3:o:opensuse:opensuse:11.1:::::::* cpe:2.3:o:suse:linux_enterprise:10.0:sp2:::::: cpe:2.3:o:apple:mac_os_x:-:::::::* cpe:2.3:o:microsoft:windows:-:::::::* cpe:2.3:o:opensuse:opensuse:11.2:::::::* cpe:2.3:o:suse:linux_enterprise:10.0:sp3:::::: cpe:2.3:a:suse:linux_enterprise_debuginfo:11:-::::::
References	~~() http://blogs.adobe.com/psirt/2009/12/new_adobe_reader_and_acrobat_v.html - Vendor Advisory~~	() http://blogs.adobe.com/psirt/2009/12/new_adobe_reader_and_acrobat_v.html - Broken Link, Vendor Advisory
References	~~() http://contagiodump.blogspot.com/2009/12/virustotal-httpwww.html -~~	() http://contagiodump.blogspot.com/2009/12/virustotal-httpwww.html - Exploit, Third Party Advisory
References	~~() http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00009.html -~~	() http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00009.html - Mailing List, Third Party Advisory
References	~~() http://osvdb.org/60980 -~~	() http://osvdb.org/60980 - Broken Link
References	~~() http://secunia.com/advisories/37690 - Vendor Advisory~~	() http://secunia.com/advisories/37690 - Broken Link, Vendor Advisory
References	~~() http://secunia.com/advisories/38138 - Vendor Advisory~~	() http://secunia.com/advisories/38138 - Broken Link, Vendor Advisory
References	~~() http://secunia.com/advisories/38215 - Vendor Advisory~~	() http://secunia.com/advisories/38215 - Broken Link, Vendor Advisory
References	~~() http://www.adobe.com/support/security/bulletins/apsb10-02.html -~~	() http://www.adobe.com/support/security/bulletins/apsb10-02.html - Not Applicable
References	~~() http://www.kb.cert.org/vuls/id/508357 - US Government Resource~~	() http://www.kb.cert.org/vuls/id/508357 - Third Party Advisory, US Government Resource
References	~~() http://www.metasploit.com/redmine/projects/framework/repository/revisions/7881/entry/modules/exploits/windows/fileformat/adobe_media_newplayer.rb -~~	() http://www.metasploit.com/redmine/projects/framework/repository/revisions/7881/entry/modules/exploits/windows/fileformat/adobe_media_newplayer.rb - Broken Link
References	~~() http://www.redhat.com/support/errata/RHSA-2010-0060.html -~~	() http://www.redhat.com/support/errata/RHSA-2010-0060.html - Broken Link
References	~~() http://www.securityfocus.com/bid/37331 -~~	() http://www.securityfocus.com/bid/37331 - Broken Link, Third Party Advisory, VDB Entry
References	~~() http://www.shadowserver.org/wiki/pmwiki.php/Calendar/20091214 -~~	() http://www.shadowserver.org/wiki/pmwiki.php/Calendar/20091214 - Broken Link
References	~~() http://www.symantec.com/connect/blogs/zero-day-xmas-present -~~	() http://www.symantec.com/connect/blogs/zero-day-xmas-present - Broken Link
References	~~() http://www.us-cert.gov/cas/techalerts/TA10-013A.html - US Government Resource~~	() http://www.us-cert.gov/cas/techalerts/TA10-013A.html - Third Party Advisory, US Government Resource
References	~~() http://www.vupen.com/english/advisories/2009/3518 - Vendor Advisory~~	() http://www.vupen.com/english/advisories/2009/3518 - Broken Link, Vendor Advisory
References	~~() http://www.vupen.com/english/advisories/2010/0103 -~~	() http://www.vupen.com/english/advisories/2010/0103 - Broken Link
References	~~() https://bugzilla.redhat.com/show_bug.cgi?id=547799 -~~	() https://bugzilla.redhat.com/show_bug.cgi?id=547799 - Issue Tracking
References	~~() https://exchange.xforce.ibmcloud.com/vulnerabilities/54747 -~~	() https://exchange.xforce.ibmcloud.com/vulnerabilities/54747 - Third Party Advisory, VDB Entry
References	~~() https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6795 -~~	() https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6795 - Broken Link
CVSS	v2 : ~~9.3~~ v3 : ~~unknown~~	v2 : 9.3 v3 : 7.8
CWE	~~CWE-399~~	CWE-416
First Time		Suse linux Enterprise Suse linux Enterprise Debuginfo Microsoft Suse Opensuse opensuse Apple mac Os X Microsoft windows Opensuse Apple

Information

Published : 2009-12-15 02:30

Updated : 2024-06-28 14:20

NVD link : CVE-2009-4324

Mitre link : CVE-2009-4324

CVE.ORG link : CVE-2009-4324

JSON object : View

Products Affected

adobe

acrobat_reader
acrobat

suse

linux_enterprise_debuginfo
linux_enterprise

opensuse

opensuse

microsoft

windows

apple

mac_os_x

CWE

CWE-416

Use After Free

7.8 /10