Summary
This host is installed with Adobe Reader and is prone to Denial of Service vulnerability.
Impact
Successful exploitation will let the attacker cause memory corruption or denial of service.
Impact Level: System/Application
Solution
Upgrade Adobe Reader version 9.3.2 or later,
For further updates refer, http://www.adobe.com
Insight
These flaws are due to a memory corruption errors in 'customDictionaryOpen' and 'getAnnots' methods in the JavaScript API while processing malicious PDF files with a long string in the second argument.
Affected
Adobe Reader version 9.1 and prior on Linux.
Detection
Get the installed version with the help of detect NVT and check the version is vulnerable or not.
References
Severity
Classification
-
CVE CVE-2009-1492, CVE-2009-1493 -
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- Apple QuickTime Multiple Vulnerabilities - Jan09 (Win)
- Foxit Reader Multiple Denial of Service Vulnerabilities - Jun09
- Adobe Reader/Acrobat JavaScript Method Handling Vulnerability (Linux)
- Adobe Digital Edition Denial of Service Vulnerability (Windows)
- CUPS IPP Use-After-Free Denial of Service Vulnerability