TUCoPS :: Windows Apps :: bt-21156.htm

Adobe Acrobat and Reader JBIG2 Filter Heap Overflow Vulnerability
VUPEN Security - Adobe Acrobat and Reader JBIG2 Filter Heap Overflow Vulnerability
VUPEN Security - Adobe Acrobat and Reader JBIG2 Filter Heap Overflow Vulnerability



VUPEN Security Research Advisory - VUPEN-SR-2009-04

Advisory URL: http://www.vupen.com/english/advisories/2009/1547 

June 10, 2009


I. BACKGROUND 
---------------------

Adobe Acrobat is a family of computer programs developed by Adobe
Systems, designed to view, create, manipulate and manage files in
Adobe's Portable Document Format (PDF).


II. DESCRIPTION 
---------------------

VUPEN Security discovered a critical vulnerability affecting Adobe
Acrobat and Reader.

This vulnerability is caused by an integer overflow error within the
JBIG2 filter when processing certain data streams within a PDF file,
which could allow attackers to cause a heap overflow and execute
arbitrary code by tricking a user into opening a specially crafted
document.


III. AFFECTED PRODUCTS
--------------------------------

Adobe Reader versions prior to 9.1.2
Adobe Reader versions prior to 8.1.6
Adobe Reader versions prior to 7.1.3
Adobe Acrobat Standard versions prior to 9.1.2
Adobe Acrobat Pro versions prior to 9.1.2
Adobe Acrobat Pro Extended versions prior to 9.1.2
Adobe Acrobat versions prior to 8.1.6
Adobe Acrobat versions prior to 7.1.3


IV. Exploit - PoC & Binary Analysis
--------------------------------------

A proof-of-concept exploit has have been developed by VUPEN Security
and is available with the in-depth binary analysis of the vulnerability
through the VUPEN Exploits & PoCs Service.

http://www.vupen.com/exploits 


V. SOLUTION 
----------------

Upgrade to Adobe Reader and Acrobat version 9.1.2, 8.1.6 and 7.1.3 :
http://www.adobe.com/support/security/bulletins/apsb09-07.html 


VI. CREDIT 
--------------

Thse vulnerability was discovered by Nicolas JOLY of VUPEN Security


VII. REFERENCES
----------------------

http://www.vupen.com/english/advisories/2009/1547 
http://www.adobe.com/support/security/bulletins/apsb09-07.html 
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0509 


VIII. DISCLOSURE TIMELINE 
-----------------------------------

07/05/2009 - Vendor notified
07/05/2009 - Vendor response
05/06/2009 - Status update received
10/06/2009 - Coordinated public Disclosure 

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH