Vulnerabilities > CVE-2009-1493 - Resource Management Errors vulnerability in Adobe Reader 8.1.4/9.1

047910
CVSS 6.8 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
adobe
linux
CWE-399
nessus
exploit available

Summary

The customDictionaryOpen spell method in the JavaScript API in Adobe Reader 9.1, 8.1.4, 7.1.1, and earlier on Linux and UNIX allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a PDF file that triggers a call to this method with a long string in the second argument.

Vulnerable Configurations

Part Description Count
Application
Adobe
2
OS
Linux
1

Common Weakness Enumeration (CWE)

Exploit-Db

descriptionAdobe 8.1.4/9.1 customDictionaryOpen() Code Execution Exploit. CVE-2009-1493. Remote exploit for linux platform
fileexploits/linux/remote/8570.txt
idEDB-ID:8570
last seen2016-02-01
modified2009-04-29
platformlinux
port
published2009-04-29
reporterArr1val
sourcehttps://www.exploit-db.com/download/8570/
titleAdobe 8.1.4/9.1 customDictionaryOpen Code Execution Exploit
typeremote

Nessus

  • NASL familySuSE Local Security Checks
    NASL idSUSE_ACROREAD-6258.NASL
    descriptionThis update of acroread fixes two vulnerabilities in the JavaScript API that allow attackers to execute arbitrary code with a malformed PDF file. (CVE-2009-1492,CVE-2009-1493)
    last seen2020-06-01
    modified2020-06-02
    plugin id38856
    published2009-05-22
    reporterThis script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/38856
    titleopenSUSE 10 Security Update : acroread (acroread-6258)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from openSUSE Security Update acroread-6258.
    #
    # The text description of this plugin is (C) SUSE LLC.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(38856);
      script_version ("1.13");
      script_cvs_date("Date: 2019/10/25 13:36:36");
    
      script_cve_id("CVE-2009-1492", "CVE-2009-1493");
    
      script_name(english:"openSUSE 10 Security Update : acroread (acroread-6258)");
      script_summary(english:"Check for the acroread-6258 patch");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote openSUSE host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "This update of acroread fixes two vulnerabilities in the JavaScript
    API that allow attackers to execute arbitrary code with a malformed
    PDF file. (CVE-2009-1492,CVE-2009-1493)"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected acroread package."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploit_framework_core", value:"true");
      script_cwe_id(399);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:acroread");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:10.3");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2009/05/19");
      script_set_attribute(attribute:"plugin_publication_date", value:"2009/05/22");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
    if (release !~ "^(SUSE10\.3)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "10.3", release);
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    ourarch = get_kb_item("Host/cpu");
    if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
    if (ourarch !~ "^(i586|i686)$") audit(AUDIT_ARCH_NOT, "i586 / i686", ourarch);
    
    flag = 0;
    
    if ( rpm_check(release:"SUSE10.3", reference:"acroread-8.1.5-0.1") ) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "acroread");
    }
    
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-200907-06.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-200907-06 (Adobe Reader: User-assisted execution of arbitrary code) Multiple vulnerabilities have been reported in Adobe Reader: Alin Rad Pop of Secunia Research reported a heap-based buffer overflow in the JBIG2 filter (CVE-2009-0198). Mark Dowd of the IBM Internet Security Systems X-Force and Nicolas Joly of VUPEN Security reported multiple heap-based buffer overflows in the JBIG2 filter (CVE-2009-0509, CVE-2009-0510, CVE-2009-0511, CVE-2009-0512, CVE-2009-0888, CVE-2009-0889) Arr1val reported that multiple methods in the JavaScript API might lead to memory corruption when called with crafted arguments (CVE-2009-1492, CVE-2009-1493). An anonymous researcher reported a stack-based buffer overflow related to U3D model files with a crafted extension block (CVE-2009-1855). Jun Mao and Ryan Smith of iDefense Labs reported an integer overflow related to the FlateDecode filter, which triggers a heap-based buffer overflow (CVE-2009-1856). Haifei Li of Fortinet
    last seen2020-06-01
    modified2020-06-02
    plugin id39777
    published2009-07-13
    reporterThis script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/39777
    titleGLSA-200907-06 : Adobe Reader: User-assisted execution of arbitrary code
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from Gentoo Linux Security Advisory GLSA 200907-06.
    #
    # The advisory text is Copyright (C) 2001-2016 Gentoo Foundation, Inc.
    # and licensed under the Creative Commons - Attribution / Share Alike 
    # license. See http://creativecommons.org/licenses/by-sa/3.0/
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(39777);
      script_version("1.22");
      script_cvs_date("Date: 2019/08/02 13:32:45");
    
      script_cve_id("CVE-2009-0198", "CVE-2009-0509", "CVE-2009-0510", "CVE-2009-0511", "CVE-2009-0512", "CVE-2009-0888", "CVE-2009-0889", "CVE-2009-1492", "CVE-2009-1493", "CVE-2009-1855", "CVE-2009-1856", "CVE-2009-1857", "CVE-2009-1858", "CVE-2009-1859", "CVE-2009-1861", "CVE-2009-2028");
      script_bugtraq_id(34736, 34740, 35274, 35282, 35289, 35293, 35294, 35295, 35296, 35298, 35299, 35300, 35302, 35303);
      script_xref(name:"GLSA", value:"200907-06");
    
      script_name(english:"GLSA-200907-06 : Adobe Reader: User-assisted execution of arbitrary code");
      script_summary(english:"Checks for updated package(s) in /var/db/pkg");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Gentoo host is missing one or more security-related
    patches."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "The remote host is affected by the vulnerability described in GLSA-200907-06
    (Adobe Reader: User-assisted execution of arbitrary code)
    
        Multiple vulnerabilities have been reported in Adobe Reader:
        Alin Rad Pop of Secunia Research reported a heap-based buffer
        overflow in the JBIG2 filter (CVE-2009-0198).
        Mark Dowd of the IBM Internet Security Systems X-Force and
        Nicolas Joly of VUPEN Security reported multiple heap-based buffer
        overflows in the JBIG2 filter (CVE-2009-0509, CVE-2009-0510,
        CVE-2009-0511, CVE-2009-0512, CVE-2009-0888, CVE-2009-0889)
        Arr1val reported that multiple methods in the JavaScript API
        might lead to memory corruption when called with crafted arguments
        (CVE-2009-1492, CVE-2009-1493).
        An anonymous researcher reported a stack-based buffer overflow related
        to U3D model files with a crafted extension block (CVE-2009-1855).
        Jun Mao and Ryan Smith of iDefense Labs reported an integer overflow
        related to the FlateDecode filter, which triggers a heap-based buffer
        overflow (CVE-2009-1856).
        Haifei Li of Fortinet's FortiGuard Global Security Research Team
        reported a memory corruption vulnerability related to TrueType fonts
        (CVE-2009-1857).
        The Apple Product Security Team reported a memory corruption
        vulnerability in the JBIG2 filter (CVE-2009-1858).
        Matthew Watchinski of Sourcefire VRT reported an unspecified memory
        corruption (CVE-2009-1859).
        Will Dormann of CERT reported multiple heap-based buffer overflows when
        processing JPX (aka JPEG2000) stream that trigger heap memory
        corruption (CVE-2009-1861).
        Multiple unspecified vulnerabilities have been discovered
        (CVE-2009-2028).
      
    Impact :
    
        A remote attacker could entice a user to open a specially crafted
        document, possibly resulting in the execution of arbitrary code with
        the privileges of the user running the application.
      
    Workaround :
    
        There is no known workaround at this time."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security.gentoo.org/glsa/200907-06"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "All Adobe Reader users should upgrade to the latest version:
        # emerge --sync
        # emerge --ask --oneshot --verbose '>=app-text/acroread-8.1.6'"
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploit_framework_core", value:"true");
      script_set_attribute(attribute:"exploited_by_malware", value:"true");
      script_cwe_id(119, 189, 399);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:acroread");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:gentoo:linux");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2009/07/12");
      script_set_attribute(attribute:"plugin_publication_date", value:"2009/07/13");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.");
      script_family(english:"Gentoo Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("qpkg.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Gentoo/release")) audit(AUDIT_OS_NOT, "Gentoo");
    if (!get_kb_item("Host/Gentoo/qpkg-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    flag = 0;
    
    if (qpkg_check(package:"app-text/acroread", unaffected:make_list("ge 8.1.6"), vulnerable:make_list("lt 8.1.6"))) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = qpkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "Adobe Reader");
    }
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_0_ACROREAD-090519.NASL
    descriptionThis update of acroread fixes two vulnerabilities in the JavaScript API that allow attackers to execute arbitrary code with a malformed PDF file. (CVE-2009-1492,CVE-2009-1493)
    last seen2020-06-01
    modified2020-06-02
    plugin id39907
    published2009-07-21
    reporterThis script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/39907
    titleopenSUSE Security Update : acroread (acroread-893)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from openSUSE Security Update acroread-893.
    #
    # The text description of this plugin is (C) SUSE LLC.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(39907);
      script_version("1.16");
      script_cvs_date("Date: 2019/10/25 13:36:33");
    
      script_cve_id("CVE-2009-1492", "CVE-2009-1493");
    
      script_name(english:"openSUSE Security Update : acroread (acroread-893)");
      script_summary(english:"Check for the acroread-893 patch");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote openSUSE host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "This update of acroread fixes two vulnerabilities in the JavaScript
    API that allow attackers to execute arbitrary code with a malformed
    PDF file. (CVE-2009-1492,CVE-2009-1493)"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=499097"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected acroread package."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploit_framework_core", value:"true");
      script_cwe_id(399);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:acroread");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:11.0");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2009/05/19");
      script_set_attribute(attribute:"plugin_publication_date", value:"2009/07/21");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
    if (release !~ "^(SUSE11\.0)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "11.0", release);
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    ourarch = get_kb_item("Host/cpu");
    if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
    if (ourarch !~ "^(i586|i686)$") audit(AUDIT_ARCH_NOT, "i586 / i686", ourarch);
    
    flag = 0;
    
    if ( rpm_check(release:"SUSE11.0", reference:"acroread-8.1.5-0.1") ) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "acroread");
    }
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_ACROREAD-090519.NASL
    descriptionThis update of acroread fixes two vulnerabilities in the JavaScript API that allow attackers to execute arbitrary code with a malformed PDF file. (CVE-2009-1492 / CVE-2009-1493)
    last seen2020-06-01
    modified2020-06-02
    plugin id41363
    published2009-09-24
    reporterThis script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/41363
    titleSuSE 11 Security Update : Acrobat Reader (SAT Patch Number 899)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from SuSE 11 update information. The text itself is
    # copyright (C) Novell, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(41363);
      script_version("1.16");
      script_cvs_date("Date: 2019/10/25 13:36:35");
    
      script_cve_id("CVE-2009-1492", "CVE-2009-1493");
    
      script_name(english:"SuSE 11 Security Update : Acrobat Reader (SAT Patch Number 899)");
      script_summary(english:"Checks rpm output for the updated package");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote SuSE 11 host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "This update of acroread fixes two vulnerabilities in the JavaScript
    API that allow attackers to execute arbitrary code with a malformed
    PDF file. (CVE-2009-1492 / CVE-2009-1493)"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=499097"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-1492.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-1493.html"
      );
      script_set_attribute(attribute:"solution", value:"Apply SAT patch number 899.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploit_framework_core", value:"true");
      script_cwe_id(399);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:acroread");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:11");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2009/05/19");
      script_set_attribute(attribute:"plugin_publication_date", value:"2009/09/24");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release !~ "^(SLED|SLES)11") audit(AUDIT_OS_NOT, "SuSE 11");
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SuSE 11", cpu);
    
    pl = get_kb_item("Host/SuSE/patchlevel");
    if (pl) audit(AUDIT_OS_NOT, "SuSE 11.0");
    
    
    flag = 0;
    if (rpm_check(release:"SLED11", sp:0, cpu:"i586", reference:"acroread-8.1.5-0.1.1")) flag++;
    if (rpm_check(release:"SLED11", sp:0, cpu:"x86_64", reference:"")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE_ACROREAD-6260.NASL
    descriptionThis update of acroread fixes two vulnerabilities in the JavaScript API that allow attackers to execute arbitrary code with a malformed PDF file. (CVE-2009-1492 / CVE-2009-1493)
    last seen2020-06-01
    modified2020-06-02
    plugin id51691
    published2011-01-27
    reporterThis script is Copyright (C) 2011-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/51691
    titleSuSE 10 Security Update : Acrobat Reader (ZYPP Patch Number 6260)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The text description of this plugin is (C) Novell, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(51691);
      script_version ("1.11");
      script_cvs_date("Date: 2019/10/25 13:36:36");
    
      script_cve_id("CVE-2009-1492", "CVE-2009-1493");
    
      script_name(english:"SuSE 10 Security Update : Acrobat Reader (ZYPP Patch Number 6260)");
      script_summary(english:"Checks rpm output for the updated package");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote SuSE 10 host is missing a security-related patch."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "This update of acroread fixes two vulnerabilities in the JavaScript
    API that allow attackers to execute arbitrary code with a malformed
    PDF file. (CVE-2009-1492 / CVE-2009-1493)"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-1492.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-1493.html"
      );
      script_set_attribute(attribute:"solution", value:"Apply ZYPP patch number 6260.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploit_framework_core", value:"true");
      script_cwe_id(399);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:suse:suse_linux");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2009/05/19");
      script_set_attribute(attribute:"plugin_publication_date", value:"2011/01/27");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2011-2019 Tenable Network Security, Inc.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
    
      exit(0);
    }
    
    
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) exit(0, "Local checks are not enabled.");
    if (!get_kb_item("Host/SuSE/release")) exit(0, "The host is not running SuSE.");
    if (!get_kb_item("Host/SuSE/rpm-list")) exit(1, "Could not obtain the list of installed packages.");
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) exit(1, "Failed to determine the architecture type.");
    if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") exit(1, "Local checks for SuSE 10 on the '"+cpu+"' architecture have not been implemented.");
    
    
    flag = 0;
    if (rpm_check(release:"SLED10", sp:2, reference:"acroread-8.1.5-0.3")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else exit(0, "The host is not affected.");
    
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2009-0478.NASL
    descriptionUpdated acroread packages that fix two security issues are now available for Red Hat Enterprise Linux 3 Extras, Red Hat Enterprise Linux 4 Extras, and Red Hat Enterprise Linux 5 Supplementary. This update has been rated as having critical security impact by the Red Hat Security Response Team. Adobe Reader allows users to view and print documents in Portable Document Format (PDF). Two flaws were discovered in Adobe Reader
    last seen2020-06-01
    modified2020-06-02
    plugin id40744
    published2009-08-24
    reporterThis script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/40744
    titleRHEL 3 / 4 / 5 : acroread (RHSA-2009:0478)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Red Hat Security Advisory RHSA-2009:0478. The text 
    # itself is copyright (C) Red Hat, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(40744);
      script_version ("1.30");
      script_cvs_date("Date: 2019/10/25 13:36:14");
    
      script_cve_id("CVE-2009-1492", "CVE-2009-1493");
      script_bugtraq_id(34736, 34740);
      script_xref(name:"RHSA", value:"2009:0478");
    
      script_name(english:"RHEL 3 / 4 / 5 : acroread (RHSA-2009:0478)");
      script_summary(english:"Checks the rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Red Hat host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Updated acroread packages that fix two security issues are now
    available for Red Hat Enterprise Linux 3 Extras, Red Hat Enterprise
    Linux 4 Extras, and Red Hat Enterprise Linux 5 Supplementary.
    
    This update has been rated as having critical security impact by the
    Red Hat Security Response Team.
    
    Adobe Reader allows users to view and print documents in Portable
    Document Format (PDF).
    
    Two flaws were discovered in Adobe Reader's JavaScript API. A PDF file
    containing malicious JavaScript instructions could cause Adobe Reader
    to crash or, potentially, execute arbitrary code as the user running
    Adobe Reader. (CVE-2009-1492, CVE-2009-1493)
    
    All Adobe Reader users should install these updated packages. They
    contain Adobe Reader version 8.1.5, which is not vulnerable to these
    issues. All running instances of Adobe Reader must be restarted for
    the update to take effect."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2009-1492"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2009-1493"
      );
      # http://www.adobe.com/support/security/bulletins/apsb09-06.html
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.adobe.com/support/security/bulletins/apsb09-06.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/errata/RHSA-2009:0478"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected acroread and / or acroread-plugin packages."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploit_framework_core", value:"true");
      script_cwe_id(399);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:acroread");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:acroread-plugin");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:3");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:4");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:4.7");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:5");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:5.3");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2009/04/30");
      script_set_attribute(attribute:"patch_publication_date", value:"2009/05/13");
      script_set_attribute(attribute:"plugin_publication_date", value:"2009/08/24");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Red Hat Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("misc_func.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
    os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
    os_ver = os_ver[1];
    if (! preg(pattern:"^(3|4|5)([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 3.x / 4.x / 5.x", "Red Hat " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);
    if (cpu !~ "^i[3-6]86$") audit(AUDIT_ARCH_NOT, "i386", cpu);
    
    yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
    if (!empty_or_null(yum_updateinfo)) 
    {
      rhsa = "RHSA-2009:0478";
      yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
      if (!empty_or_null(yum_report))
      {
        security_report_v4(
          port       : 0,
          severity   : SECURITY_HOLE,
          extra      : yum_report 
        );
        exit(0);
      }
      else
      {
        audit_message = "affected by Red Hat security advisory " + rhsa;
        audit(AUDIT_OS_NOT, audit_message);
      }
    }
    else
    {
      flag = 0;
      if (rpm_check(release:"RHEL3", cpu:"i386", reference:"acroread-8.1.5-2")) flag++;
    
      if (rpm_check(release:"RHEL3", cpu:"i386", reference:"acroread-plugin-8.1.5-2")) flag++;
    
    
      if (rpm_check(release:"RHEL4", cpu:"i386", reference:"acroread-8.1.5-1.el4")) flag++;
    
      if (rpm_check(release:"RHEL4", cpu:"i386", reference:"acroread-plugin-8.1.5-1.el4")) flag++;
    
    
      if (rpm_check(release:"RHEL5", cpu:"i386", reference:"acroread-8.1.5-1.el5")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"i386", reference:"acroread-plugin-8.1.5-1.el5")) flag++;
    
    
      if (flag)
      {
        security_report_v4(
          port       : 0,
          severity   : SECURITY_HOLE,
          extra      : rpm_report_get() + redhat_report_package_caveat()
        );
        exit(0);
      }
      else
      {
        tested = pkg_tests_get();
        if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
        else audit(AUDIT_PACKAGE_NOT_INSTALLED, "acroread / acroread-plugin");
      }
    }
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE_ACROREAD_JA-6264.NASL
    descriptionThis update of acroread fixes two vulnerabilities in the JavaScript API that allow attackers to execute arbitrary code with a malformed PDF file. (CVE-2009-1492 / CVE-2009-1493)
    last seen2020-06-01
    modified2020-06-02
    plugin id51706
    published2011-01-27
    reporterThis script is Copyright (C) 2011-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/51706
    titleSuSE 10 Security Update : acroread_ja (ZYPP Patch Number 6264)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The text description of this plugin is (C) Novell, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(51706);
      script_version ("1.11");
      script_cvs_date("Date: 2019/10/25 13:36:36");
    
      script_cve_id("CVE-2009-1492", "CVE-2009-1493");
    
      script_name(english:"SuSE 10 Security Update : acroread_ja (ZYPP Patch Number 6264)");
      script_summary(english:"Checks rpm output for the updated package");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote SuSE 10 host is missing a security-related patch."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "This update of acroread fixes two vulnerabilities in the JavaScript
    API that allow attackers to execute arbitrary code with a malformed
    PDF file. (CVE-2009-1492 / CVE-2009-1493)"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-1492.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-1493.html"
      );
      script_set_attribute(attribute:"solution", value:"Apply ZYPP patch number 6264.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploit_framework_core", value:"true");
      script_cwe_id(399);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:suse:suse_linux");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2009/05/20");
      script_set_attribute(attribute:"plugin_publication_date", value:"2011/01/27");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2011-2019 Tenable Network Security, Inc.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
    
      exit(0);
    }
    
    
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) exit(0, "Local checks are not enabled.");
    if (!get_kb_item("Host/SuSE/release")) exit(0, "The host is not running SuSE.");
    if (!get_kb_item("Host/SuSE/rpm-list")) exit(1, "Could not obtain the list of installed packages.");
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) exit(1, "Failed to determine the architecture type.");
    if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") exit(1, "Local checks for SuSE 10 on the '"+cpu+"' architecture have not been implemented.");
    
    
    flag = 0;
    if (rpm_check(release:"SLED10", sp:2, reference:"acroread_ja-8.1.5-1.3")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else exit(0, "The host is not affected.");
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_ACROREAD_JA-090519.NASL
    descriptionThis update of acroread fixes two vulnerabilities in the JavaScript API that allow attackers to execute arbitrary code with a malformed PDF file. (CVE-2009-1492 / CVE-2009-1493)
    last seen2020-06-01
    modified2020-06-02
    plugin id41366
    published2009-09-24
    reporterThis script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/41366
    titleSuSE 11 Security Update : acroread_ja (SAT Patch Number 904)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from SuSE 11 update information. The text itself is
    # copyright (C) Novell, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(41366);
      script_version("1.16");
      script_cvs_date("Date: 2019/10/25 13:36:35");
    
      script_cve_id("CVE-2009-1492", "CVE-2009-1493");
    
      script_name(english:"SuSE 11 Security Update : acroread_ja (SAT Patch Number 904)");
      script_summary(english:"Checks rpm output for the updated package");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote SuSE 11 host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "This update of acroread fixes two vulnerabilities in the JavaScript
    API that allow attackers to execute arbitrary code with a malformed
    PDF file. (CVE-2009-1492 / CVE-2009-1493)"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=499097"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-1492.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-1493.html"
      );
      script_set_attribute(attribute:"solution", value:"Apply SAT patch number 904.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploit_framework_core", value:"true");
      script_cwe_id(399);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:acroread_ja");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:11");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2009/05/19");
      script_set_attribute(attribute:"plugin_publication_date", value:"2009/09/24");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release !~ "^(SLED|SLES)11") audit(AUDIT_OS_NOT, "SuSE 11");
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SuSE 11", cpu);
    
    pl = get_kb_item("Host/SuSE/patchlevel");
    if (pl) audit(AUDIT_OS_NOT, "SuSE 11.0");
    
    
    flag = 0;
    if (rpm_check(release:"SLED11", sp:0, cpu:"i586", reference:"acroread_ja-8.1.5-0.1.1")) flag++;
    if (rpm_check(release:"SLED11", sp:0, cpu:"x86_64", reference:"")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_1_ACROREAD-090519.NASL
    descriptionThis update of acroread fixes two vulnerabilities in the JavaScript API that allow attackers to execute arbitrary code with a malformed PDF file. (CVE-2009-1492,CVE-2009-1493)
    last seen2020-06-01
    modified2020-06-02
    plugin id40183
    published2009-07-21
    reporterThis script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/40183
    titleopenSUSE Security Update : acroread (acroread-893)

Redhat

advisories
rhsa
idRHSA-2009:0478
rpms
  • acroread-0:8.1.5-1.el4
  • acroread-0:8.1.5-1.el5
  • acroread-0:8.1.5-2
  • acroread-plugin-0:8.1.5-1.el4
  • acroread-plugin-0:8.1.5-1.el5
  • acroread-plugin-0:8.1.5-2

Saint

bid34740
descriptionAdobe Reader Javascript API spell.customDictonaryOpen memory corruption
idmisc_acroread
osvdb54129
titleadobe_reader_customdictionaryopen
typeclient