Vulnerabilities > CVE-2009-1493 - Resource Management Errors vulnerability in Adobe Reader 8.1.4/9.1
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
The customDictionaryOpen spell method in the JavaScript API in Adobe Reader 9.1, 8.1.4, 7.1.1, and earlier on Linux and UNIX allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a PDF file that triggers a call to this method with a long string in the second argument.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 2 | |
OS | 1 |
Common Weakness Enumeration (CWE)
Exploit-Db
description | Adobe 8.1.4/9.1 customDictionaryOpen() Code Execution Exploit. CVE-2009-1493. Remote exploit for linux platform |
file | exploits/linux/remote/8570.txt |
id | EDB-ID:8570 |
last seen | 2016-02-01 |
modified | 2009-04-29 |
platform | linux |
port | |
published | 2009-04-29 |
reporter | Arr1val |
source | https://www.exploit-db.com/download/8570/ |
title | Adobe 8.1.4/9.1 customDictionaryOpen Code Execution Exploit |
type | remote |
Nessus
NASL family SuSE Local Security Checks NASL id SUSE_ACROREAD-6258.NASL description This update of acroread fixes two vulnerabilities in the JavaScript API that allow attackers to execute arbitrary code with a malformed PDF file. (CVE-2009-1492,CVE-2009-1493) last seen 2020-06-01 modified 2020-06-02 plugin id 38856 published 2009-05-22 reporter This script is Copyright (C) 2009-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/38856 title openSUSE 10 Security Update : acroread (acroread-6258) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from openSUSE Security Update acroread-6258. # # The text description of this plugin is (C) SUSE LLC. # include("compat.inc"); if (description) { script_id(38856); script_version ("1.13"); script_cvs_date("Date: 2019/10/25 13:36:36"); script_cve_id("CVE-2009-1492", "CVE-2009-1493"); script_name(english:"openSUSE 10 Security Update : acroread (acroread-6258)"); script_summary(english:"Check for the acroread-6258 patch"); script_set_attribute( attribute:"synopsis", value:"The remote openSUSE host is missing a security update." ); script_set_attribute( attribute:"description", value: "This update of acroread fixes two vulnerabilities in the JavaScript API that allow attackers to execute arbitrary code with a malformed PDF file. (CVE-2009-1492,CVE-2009-1493)" ); script_set_attribute( attribute:"solution", value:"Update the affected acroread package." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploit_framework_core", value:"true"); script_cwe_id(399); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:acroread"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:10.3"); script_set_attribute(attribute:"patch_publication_date", value:"2009/05/19"); script_set_attribute(attribute:"plugin_publication_date", value:"2009/05/22"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE"); if (release !~ "^(SUSE10\.3)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "10.3", release); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); ourarch = get_kb_item("Host/cpu"); if (!ourarch) audit(AUDIT_UNKNOWN_ARCH); if (ourarch !~ "^(i586|i686)$") audit(AUDIT_ARCH_NOT, "i586 / i686", ourarch); flag = 0; if ( rpm_check(release:"SUSE10.3", reference:"acroread-8.1.5-0.1") ) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "acroread"); }
NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-200907-06.NASL description The remote host is affected by the vulnerability described in GLSA-200907-06 (Adobe Reader: User-assisted execution of arbitrary code) Multiple vulnerabilities have been reported in Adobe Reader: Alin Rad Pop of Secunia Research reported a heap-based buffer overflow in the JBIG2 filter (CVE-2009-0198). Mark Dowd of the IBM Internet Security Systems X-Force and Nicolas Joly of VUPEN Security reported multiple heap-based buffer overflows in the JBIG2 filter (CVE-2009-0509, CVE-2009-0510, CVE-2009-0511, CVE-2009-0512, CVE-2009-0888, CVE-2009-0889) Arr1val reported that multiple methods in the JavaScript API might lead to memory corruption when called with crafted arguments (CVE-2009-1492, CVE-2009-1493). An anonymous researcher reported a stack-based buffer overflow related to U3D model files with a crafted extension block (CVE-2009-1855). Jun Mao and Ryan Smith of iDefense Labs reported an integer overflow related to the FlateDecode filter, which triggers a heap-based buffer overflow (CVE-2009-1856). Haifei Li of Fortinet last seen 2020-06-01 modified 2020-06-02 plugin id 39777 published 2009-07-13 reporter This script is Copyright (C) 2009-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/39777 title GLSA-200907-06 : Adobe Reader: User-assisted execution of arbitrary code code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Gentoo Linux Security Advisory GLSA 200907-06. # # The advisory text is Copyright (C) 2001-2016 Gentoo Foundation, Inc. # and licensed under the Creative Commons - Attribution / Share Alike # license. See http://creativecommons.org/licenses/by-sa/3.0/ # include("compat.inc"); if (description) { script_id(39777); script_version("1.22"); script_cvs_date("Date: 2019/08/02 13:32:45"); script_cve_id("CVE-2009-0198", "CVE-2009-0509", "CVE-2009-0510", "CVE-2009-0511", "CVE-2009-0512", "CVE-2009-0888", "CVE-2009-0889", "CVE-2009-1492", "CVE-2009-1493", "CVE-2009-1855", "CVE-2009-1856", "CVE-2009-1857", "CVE-2009-1858", "CVE-2009-1859", "CVE-2009-1861", "CVE-2009-2028"); script_bugtraq_id(34736, 34740, 35274, 35282, 35289, 35293, 35294, 35295, 35296, 35298, 35299, 35300, 35302, 35303); script_xref(name:"GLSA", value:"200907-06"); script_name(english:"GLSA-200907-06 : Adobe Reader: User-assisted execution of arbitrary code"); script_summary(english:"Checks for updated package(s) in /var/db/pkg"); script_set_attribute( attribute:"synopsis", value: "The remote Gentoo host is missing one or more security-related patches." ); script_set_attribute( attribute:"description", value: "The remote host is affected by the vulnerability described in GLSA-200907-06 (Adobe Reader: User-assisted execution of arbitrary code) Multiple vulnerabilities have been reported in Adobe Reader: Alin Rad Pop of Secunia Research reported a heap-based buffer overflow in the JBIG2 filter (CVE-2009-0198). Mark Dowd of the IBM Internet Security Systems X-Force and Nicolas Joly of VUPEN Security reported multiple heap-based buffer overflows in the JBIG2 filter (CVE-2009-0509, CVE-2009-0510, CVE-2009-0511, CVE-2009-0512, CVE-2009-0888, CVE-2009-0889) Arr1val reported that multiple methods in the JavaScript API might lead to memory corruption when called with crafted arguments (CVE-2009-1492, CVE-2009-1493). An anonymous researcher reported a stack-based buffer overflow related to U3D model files with a crafted extension block (CVE-2009-1855). Jun Mao and Ryan Smith of iDefense Labs reported an integer overflow related to the FlateDecode filter, which triggers a heap-based buffer overflow (CVE-2009-1856). Haifei Li of Fortinet's FortiGuard Global Security Research Team reported a memory corruption vulnerability related to TrueType fonts (CVE-2009-1857). The Apple Product Security Team reported a memory corruption vulnerability in the JBIG2 filter (CVE-2009-1858). Matthew Watchinski of Sourcefire VRT reported an unspecified memory corruption (CVE-2009-1859). Will Dormann of CERT reported multiple heap-based buffer overflows when processing JPX (aka JPEG2000) stream that trigger heap memory corruption (CVE-2009-1861). Multiple unspecified vulnerabilities have been discovered (CVE-2009-2028). Impact : A remote attacker could entice a user to open a specially crafted document, possibly resulting in the execution of arbitrary code with the privileges of the user running the application. Workaround : There is no known workaround at this time." ); script_set_attribute( attribute:"see_also", value:"https://security.gentoo.org/glsa/200907-06" ); script_set_attribute( attribute:"solution", value: "All Adobe Reader users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=app-text/acroread-8.1.6'" ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploit_framework_core", value:"true"); script_set_attribute(attribute:"exploited_by_malware", value:"true"); script_cwe_id(119, 189, 399); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:acroread"); script_set_attribute(attribute:"cpe", value:"cpe:/o:gentoo:linux"); script_set_attribute(attribute:"patch_publication_date", value:"2009/07/12"); script_set_attribute(attribute:"plugin_publication_date", value:"2009/07/13"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc."); script_family(english:"Gentoo Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("qpkg.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Gentoo/release")) audit(AUDIT_OS_NOT, "Gentoo"); if (!get_kb_item("Host/Gentoo/qpkg-list")) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if (qpkg_check(package:"app-text/acroread", unaffected:make_list("ge 8.1.6"), vulnerable:make_list("lt 8.1.6"))) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get()); else security_hole(0); exit(0); } else { tested = qpkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "Adobe Reader"); }
NASL family SuSE Local Security Checks NASL id SUSE_11_0_ACROREAD-090519.NASL description This update of acroread fixes two vulnerabilities in the JavaScript API that allow attackers to execute arbitrary code with a malformed PDF file. (CVE-2009-1492,CVE-2009-1493) last seen 2020-06-01 modified 2020-06-02 plugin id 39907 published 2009-07-21 reporter This script is Copyright (C) 2009-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/39907 title openSUSE Security Update : acroread (acroread-893) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from openSUSE Security Update acroread-893. # # The text description of this plugin is (C) SUSE LLC. # include("compat.inc"); if (description) { script_id(39907); script_version("1.16"); script_cvs_date("Date: 2019/10/25 13:36:33"); script_cve_id("CVE-2009-1492", "CVE-2009-1493"); script_name(english:"openSUSE Security Update : acroread (acroread-893)"); script_summary(english:"Check for the acroread-893 patch"); script_set_attribute( attribute:"synopsis", value:"The remote openSUSE host is missing a security update." ); script_set_attribute( attribute:"description", value: "This update of acroread fixes two vulnerabilities in the JavaScript API that allow attackers to execute arbitrary code with a malformed PDF file. (CVE-2009-1492,CVE-2009-1493)" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=499097" ); script_set_attribute( attribute:"solution", value:"Update the affected acroread package." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploit_framework_core", value:"true"); script_cwe_id(399); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:acroread"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:11.0"); script_set_attribute(attribute:"patch_publication_date", value:"2009/05/19"); script_set_attribute(attribute:"plugin_publication_date", value:"2009/07/21"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE"); if (release !~ "^(SUSE11\.0)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "11.0", release); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); ourarch = get_kb_item("Host/cpu"); if (!ourarch) audit(AUDIT_UNKNOWN_ARCH); if (ourarch !~ "^(i586|i686)$") audit(AUDIT_ARCH_NOT, "i586 / i686", ourarch); flag = 0; if ( rpm_check(release:"SUSE11.0", reference:"acroread-8.1.5-0.1") ) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "acroread"); }
NASL family SuSE Local Security Checks NASL id SUSE_11_ACROREAD-090519.NASL description This update of acroread fixes two vulnerabilities in the JavaScript API that allow attackers to execute arbitrary code with a malformed PDF file. (CVE-2009-1492 / CVE-2009-1493) last seen 2020-06-01 modified 2020-06-02 plugin id 41363 published 2009-09-24 reporter This script is Copyright (C) 2009-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/41363 title SuSE 11 Security Update : Acrobat Reader (SAT Patch Number 899) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from SuSE 11 update information. The text itself is # copyright (C) Novell, Inc. # include("compat.inc"); if (description) { script_id(41363); script_version("1.16"); script_cvs_date("Date: 2019/10/25 13:36:35"); script_cve_id("CVE-2009-1492", "CVE-2009-1493"); script_name(english:"SuSE 11 Security Update : Acrobat Reader (SAT Patch Number 899)"); script_summary(english:"Checks rpm output for the updated package"); script_set_attribute( attribute:"synopsis", value:"The remote SuSE 11 host is missing a security update." ); script_set_attribute( attribute:"description", value: "This update of acroread fixes two vulnerabilities in the JavaScript API that allow attackers to execute arbitrary code with a malformed PDF file. (CVE-2009-1492 / CVE-2009-1493)" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=499097" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2009-1492.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2009-1493.html" ); script_set_attribute(attribute:"solution", value:"Apply SAT patch number 899."); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploit_framework_core", value:"true"); script_cwe_id(399); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:acroread"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:11"); script_set_attribute(attribute:"patch_publication_date", value:"2009/05/19"); script_set_attribute(attribute:"plugin_publication_date", value:"2009/09/24"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release !~ "^(SLED|SLES)11") audit(AUDIT_OS_NOT, "SuSE 11"); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SuSE 11", cpu); pl = get_kb_item("Host/SuSE/patchlevel"); if (pl) audit(AUDIT_OS_NOT, "SuSE 11.0"); flag = 0; if (rpm_check(release:"SLED11", sp:0, cpu:"i586", reference:"acroread-8.1.5-0.1.1")) flag++; if (rpm_check(release:"SLED11", sp:0, cpu:"x86_64", reference:"")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");
NASL family SuSE Local Security Checks NASL id SUSE_ACROREAD-6260.NASL description This update of acroread fixes two vulnerabilities in the JavaScript API that allow attackers to execute arbitrary code with a malformed PDF file. (CVE-2009-1492 / CVE-2009-1493) last seen 2020-06-01 modified 2020-06-02 plugin id 51691 published 2011-01-27 reporter This script is Copyright (C) 2011-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/51691 title SuSE 10 Security Update : Acrobat Reader (ZYPP Patch Number 6260) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The text description of this plugin is (C) Novell, Inc. # include("compat.inc"); if (description) { script_id(51691); script_version ("1.11"); script_cvs_date("Date: 2019/10/25 13:36:36"); script_cve_id("CVE-2009-1492", "CVE-2009-1493"); script_name(english:"SuSE 10 Security Update : Acrobat Reader (ZYPP Patch Number 6260)"); script_summary(english:"Checks rpm output for the updated package"); script_set_attribute( attribute:"synopsis", value:"The remote SuSE 10 host is missing a security-related patch." ); script_set_attribute( attribute:"description", value: "This update of acroread fixes two vulnerabilities in the JavaScript API that allow attackers to execute arbitrary code with a malformed PDF file. (CVE-2009-1492 / CVE-2009-1493)" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2009-1492.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2009-1493.html" ); script_set_attribute(attribute:"solution", value:"Apply ZYPP patch number 6260."); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploit_framework_core", value:"true"); script_cwe_id(399); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/o:suse:suse_linux"); script_set_attribute(attribute:"patch_publication_date", value:"2009/05/19"); script_set_attribute(attribute:"plugin_publication_date", value:"2011/01/27"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2011-2019 Tenable Network Security, Inc."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list"); exit(0); } include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) exit(0, "Local checks are not enabled."); if (!get_kb_item("Host/SuSE/release")) exit(0, "The host is not running SuSE."); if (!get_kb_item("Host/SuSE/rpm-list")) exit(1, "Could not obtain the list of installed packages."); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) exit(1, "Failed to determine the architecture type."); if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") exit(1, "Local checks for SuSE 10 on the '"+cpu+"' architecture have not been implemented."); flag = 0; if (rpm_check(release:"SLED10", sp:2, reference:"acroread-8.1.5-0.3")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else exit(0, "The host is not affected.");
NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2009-0478.NASL description Updated acroread packages that fix two security issues are now available for Red Hat Enterprise Linux 3 Extras, Red Hat Enterprise Linux 4 Extras, and Red Hat Enterprise Linux 5 Supplementary. This update has been rated as having critical security impact by the Red Hat Security Response Team. Adobe Reader allows users to view and print documents in Portable Document Format (PDF). Two flaws were discovered in Adobe Reader last seen 2020-06-01 modified 2020-06-02 plugin id 40744 published 2009-08-24 reporter This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/40744 title RHEL 3 / 4 / 5 : acroread (RHSA-2009:0478) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2009:0478. The text # itself is copyright (C) Red Hat, Inc. # include("compat.inc"); if (description) { script_id(40744); script_version ("1.30"); script_cvs_date("Date: 2019/10/25 13:36:14"); script_cve_id("CVE-2009-1492", "CVE-2009-1493"); script_bugtraq_id(34736, 34740); script_xref(name:"RHSA", value:"2009:0478"); script_name(english:"RHEL 3 / 4 / 5 : acroread (RHSA-2009:0478)"); script_summary(english:"Checks the rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote Red Hat host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "Updated acroread packages that fix two security issues are now available for Red Hat Enterprise Linux 3 Extras, Red Hat Enterprise Linux 4 Extras, and Red Hat Enterprise Linux 5 Supplementary. This update has been rated as having critical security impact by the Red Hat Security Response Team. Adobe Reader allows users to view and print documents in Portable Document Format (PDF). Two flaws were discovered in Adobe Reader's JavaScript API. A PDF file containing malicious JavaScript instructions could cause Adobe Reader to crash or, potentially, execute arbitrary code as the user running Adobe Reader. (CVE-2009-1492, CVE-2009-1493) All Adobe Reader users should install these updated packages. They contain Adobe Reader version 8.1.5, which is not vulnerable to these issues. All running instances of Adobe Reader must be restarted for the update to take effect." ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2009-1492" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2009-1493" ); # http://www.adobe.com/support/security/bulletins/apsb09-06.html script_set_attribute( attribute:"see_also", value:"https://www.adobe.com/support/security/bulletins/apsb09-06.html" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2009:0478" ); script_set_attribute( attribute:"solution", value:"Update the affected acroread and / or acroread-plugin packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploit_framework_core", value:"true"); script_cwe_id(399); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:acroread"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:acroread-plugin"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:3"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:4"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:4.7"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:5"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:5.3"); script_set_attribute(attribute:"vuln_publication_date", value:"2009/04/30"); script_set_attribute(attribute:"patch_publication_date", value:"2009/05/13"); script_set_attribute(attribute:"plugin_publication_date", value:"2009/08/24"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Red Hat Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("misc_func.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat"); os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat"); os_ver = os_ver[1]; if (! preg(pattern:"^(3|4|5)([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 3.x / 4.x / 5.x", "Red Hat " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu); if (cpu !~ "^i[3-6]86$") audit(AUDIT_ARCH_NOT, "i386", cpu); yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo"); if (!empty_or_null(yum_updateinfo)) { rhsa = "RHSA-2009:0478"; yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa); if (!empty_or_null(yum_report)) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : yum_report ); exit(0); } else { audit_message = "affected by Red Hat security advisory " + rhsa; audit(AUDIT_OS_NOT, audit_message); } } else { flag = 0; if (rpm_check(release:"RHEL3", cpu:"i386", reference:"acroread-8.1.5-2")) flag++; if (rpm_check(release:"RHEL3", cpu:"i386", reference:"acroread-plugin-8.1.5-2")) flag++; if (rpm_check(release:"RHEL4", cpu:"i386", reference:"acroread-8.1.5-1.el4")) flag++; if (rpm_check(release:"RHEL4", cpu:"i386", reference:"acroread-plugin-8.1.5-1.el4")) flag++; if (rpm_check(release:"RHEL5", cpu:"i386", reference:"acroread-8.1.5-1.el5")) flag++; if (rpm_check(release:"RHEL5", cpu:"i386", reference:"acroread-plugin-8.1.5-1.el5")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : rpm_report_get() + redhat_report_package_caveat() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "acroread / acroread-plugin"); } }
NASL family SuSE Local Security Checks NASL id SUSE_ACROREAD_JA-6264.NASL description This update of acroread fixes two vulnerabilities in the JavaScript API that allow attackers to execute arbitrary code with a malformed PDF file. (CVE-2009-1492 / CVE-2009-1493) last seen 2020-06-01 modified 2020-06-02 plugin id 51706 published 2011-01-27 reporter This script is Copyright (C) 2011-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/51706 title SuSE 10 Security Update : acroread_ja (ZYPP Patch Number 6264) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The text description of this plugin is (C) Novell, Inc. # include("compat.inc"); if (description) { script_id(51706); script_version ("1.11"); script_cvs_date("Date: 2019/10/25 13:36:36"); script_cve_id("CVE-2009-1492", "CVE-2009-1493"); script_name(english:"SuSE 10 Security Update : acroread_ja (ZYPP Patch Number 6264)"); script_summary(english:"Checks rpm output for the updated package"); script_set_attribute( attribute:"synopsis", value:"The remote SuSE 10 host is missing a security-related patch." ); script_set_attribute( attribute:"description", value: "This update of acroread fixes two vulnerabilities in the JavaScript API that allow attackers to execute arbitrary code with a malformed PDF file. (CVE-2009-1492 / CVE-2009-1493)" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2009-1492.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2009-1493.html" ); script_set_attribute(attribute:"solution", value:"Apply ZYPP patch number 6264."); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploit_framework_core", value:"true"); script_cwe_id(399); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/o:suse:suse_linux"); script_set_attribute(attribute:"patch_publication_date", value:"2009/05/20"); script_set_attribute(attribute:"plugin_publication_date", value:"2011/01/27"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2011-2019 Tenable Network Security, Inc."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list"); exit(0); } include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) exit(0, "Local checks are not enabled."); if (!get_kb_item("Host/SuSE/release")) exit(0, "The host is not running SuSE."); if (!get_kb_item("Host/SuSE/rpm-list")) exit(1, "Could not obtain the list of installed packages."); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) exit(1, "Failed to determine the architecture type."); if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") exit(1, "Local checks for SuSE 10 on the '"+cpu+"' architecture have not been implemented."); flag = 0; if (rpm_check(release:"SLED10", sp:2, reference:"acroread_ja-8.1.5-1.3")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else exit(0, "The host is not affected.");
NASL family SuSE Local Security Checks NASL id SUSE_11_ACROREAD_JA-090519.NASL description This update of acroread fixes two vulnerabilities in the JavaScript API that allow attackers to execute arbitrary code with a malformed PDF file. (CVE-2009-1492 / CVE-2009-1493) last seen 2020-06-01 modified 2020-06-02 plugin id 41366 published 2009-09-24 reporter This script is Copyright (C) 2009-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/41366 title SuSE 11 Security Update : acroread_ja (SAT Patch Number 904) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from SuSE 11 update information. The text itself is # copyright (C) Novell, Inc. # include("compat.inc"); if (description) { script_id(41366); script_version("1.16"); script_cvs_date("Date: 2019/10/25 13:36:35"); script_cve_id("CVE-2009-1492", "CVE-2009-1493"); script_name(english:"SuSE 11 Security Update : acroread_ja (SAT Patch Number 904)"); script_summary(english:"Checks rpm output for the updated package"); script_set_attribute( attribute:"synopsis", value:"The remote SuSE 11 host is missing a security update." ); script_set_attribute( attribute:"description", value: "This update of acroread fixes two vulnerabilities in the JavaScript API that allow attackers to execute arbitrary code with a malformed PDF file. (CVE-2009-1492 / CVE-2009-1493)" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=499097" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2009-1492.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2009-1493.html" ); script_set_attribute(attribute:"solution", value:"Apply SAT patch number 904."); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploit_framework_core", value:"true"); script_cwe_id(399); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:acroread_ja"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:11"); script_set_attribute(attribute:"patch_publication_date", value:"2009/05/19"); script_set_attribute(attribute:"plugin_publication_date", value:"2009/09/24"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release !~ "^(SLED|SLES)11") audit(AUDIT_OS_NOT, "SuSE 11"); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SuSE 11", cpu); pl = get_kb_item("Host/SuSE/patchlevel"); if (pl) audit(AUDIT_OS_NOT, "SuSE 11.0"); flag = 0; if (rpm_check(release:"SLED11", sp:0, cpu:"i586", reference:"acroread_ja-8.1.5-0.1.1")) flag++; if (rpm_check(release:"SLED11", sp:0, cpu:"x86_64", reference:"")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");
NASL family SuSE Local Security Checks NASL id SUSE_11_1_ACROREAD-090519.NASL description This update of acroread fixes two vulnerabilities in the JavaScript API that allow attackers to execute arbitrary code with a malformed PDF file. (CVE-2009-1492,CVE-2009-1493) last seen 2020-06-01 modified 2020-06-02 plugin id 40183 published 2009-07-21 reporter This script is Copyright (C) 2009-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/40183 title openSUSE Security Update : acroread (acroread-893)
Redhat
advisories |
| ||||
rpms |
|
Saint
bid | 34740 |
description | Adobe Reader Javascript API spell.customDictonaryOpen memory corruption |
id | misc_acroread |
osvdb | 54129 |
title | adobe_reader_customdictionaryopen |
type | client |
References
- http://blogs.adobe.com/psirt/2009/04/update_on_adobe_reader_issue.html
- http://blogs.adobe.com/psirt/2009/05/adobe_reader_issue_update.html
- http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00001.html
- http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.html
- http://osvdb.org/54129
- http://packetstorm.linuxsecurity.com/0904-exploits/spell.txt
- http://secunia.com/advisories/34924
- http://secunia.com/advisories/35055
- http://secunia.com/advisories/35096
- http://secunia.com/advisories/35152
- http://secunia.com/advisories/35358
- http://secunia.com/advisories/35416
- http://secunia.com/advisories/35734
- http://security.gentoo.org/glsa/glsa-200907-06.xml
- http://sunsolve.sun.com/search/document.do?assetkey=1-66-259028-1
- http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=926953
- http://www.adobe.com/support/security/bulletins/apsb09-06.html
- http://www.kb.cert.org/vuls/id/970180
- http://www.redhat.com/support/errata/RHSA-2009-0478.html
- http://www.securityfocus.com/bid/34740
- http://www.securitytracker.com/id?1022139
- http://www.us-cert.gov/cas/techalerts/TA09-133B.html
- http://www.vupen.com/english/advisories/2009/1189
- http://www.vupen.com/english/advisories/2009/1317
- https://exchange.xforce.ibmcloud.com/vulnerabilities/50146
- https://www.exploit-db.com/exploits/8570