Test ID:	1.3.6.1.4.1.25623.1.0.900321
Category:	Buffer overflow
Title:	Buffer Overflow Vulnerability in Adobe Reader (Linux)
Summary:	This host has Adobe Reader installed, and is prone to buffer overflow;vulnerability.
Description:	Summary: This host has Adobe Reader installed, and is prone to buffer overflow vulnerability. Vulnerability Insight: This issue is due to error in array indexing while processing JBIG2 streams and unspecified vulnerability related to a JavaScript method. Vulnerability Impact: This can be exploited to corrupt arbitrary memory via a specially crafted PDF file, related to a non-JavaScript function call and to execute arbitrary code in context of the affected application. Affected Software/OS: Adobe Reader version 9.x < 9.1, 8.x < 8.1.4, 7.x < 7.1.1 on Linux Solution: Upgrade to Adobe Reader version 9.1 or 8.1.4 or later. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Cross-Ref:	BugTraq ID: 33751 BugTraq ID: 34169 BugTraq ID: 34229 Common Vulnerability Exposure (CVE) ID: CVE-2009-0658 http://www.securityfocus.com/bid/33751 Cert/CC Advisory: TA09-051A http://www.us-cert.gov/cas/techalerts/TA09-051A.html CERT/CC vulnerability note: VU#905281 http://www.kb.cert.org/vuls/id/905281 https://www.exploit-db.com/exploits/8090 https://www.exploit-db.com/exploits/8099 http://www.vupen.com/english/advisories/2009/0472 http://security.gentoo.org/glsa/glsa-200904-17.xml http://isc.sans.org/diary.html?n&storyid=5902 http://www.shadowserver.org/wiki/pmwiki.php?n=Calendar.20090219 http://www.symantec.com/security_response/writeup.jsp?docid=2009-021212-5523-99&tabid=2 http://osvdb.org/52073 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5697 http://www.redhat.com/support/errata/RHSA-2009-0376.html http://www.securitytracker.com/id?1021739 http://secunia.com/advisories/33901 http://secunia.com/advisories/34392 http://secunia.com/advisories/34490 http://secunia.com/advisories/34706 http://secunia.com/advisories/34790 http://sunsolve.sun.com/search/document.do?assetkey=1-66-256788-1 SuSE Security Announcement: SUSE-SA:2009:014 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00005.html SuSE Security Announcement: SUSE-SR:2009:009 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html http://www.vupen.com/english/advisories/2009/1019 XForce ISS Database: adobe-acrobat-reader-image-bo(48825) https://exchange.xforce.ibmcloud.com/vulnerabilities/48825 Common Vulnerability Exposure (CVE) ID: CVE-2009-0927 http://www.securityfocus.com/bid/34169 Bugtraq: 20090324 ZDI-09-014: Adobe Acrobat getIcon() Stack Overflow Vulnerability (Google Search) http://www.securityfocus.com/archive/1/502116/100/0/threaded http://www.exploit-db.com/exploits/9579 http://www.zerodayinitiative.com/advisories/ZDI-09-014 http://www.securitytracker.com/id?1021861 http://www.vupen.com/english/advisories/2009/0770 XForce ISS Database: adobe-unspecified-javascript-code-execution(49312) https://exchange.xforce.ibmcloud.com/vulnerabilities/49312
Copyright	Copyright (C) 2009 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.