Orange Business Services
Vigil@nce Vigil@nce Vigil@nce
we track for your security since 1999
 home presentation vulnerabilities documentation contact  
subscriber area subscriber area
free access free access
Vigil@nce team describes computer vulnerabilities impacting your systems, and offers solutions to correct them.
recent vulnerabilities recent vulnerabilities
tracked products tracked products
RSS feed RSS feed
vulnerability

vulnerability CVE-2009-3953 CVE-2009-3954 CVE-2009-3955

Adobe Reader, Acrobat: code execution

Synthesis of the vulnerability

An attacker can create a malicious PDF document, in order to execute code on the computer of victims opening this document.
Severity: 4/4.
Creation date: 13/01/2010.

Description of the vulnerability

Several vulnerabilities were announced in Adobe Reader and Acrobat.

A PDF document can call Doc.media.newPlayer() to corrupt the memory, in order to execute code (VIGILANCE-VUL-9281). [severity:4/4; BID-37331, CVE-2009-4324, VU#508357, >]

A PDF document can generate a buffer overflow in the U3D feature, in order to execute code. [severity:4/4; BID-37758, CVE-2009-3953, >]

A PDF document can load a DLL via the 3D feature, in order to execute code. [severity:4/4; BID-37761, CVE-2009-3954, >]

A PDF document can generate a memory corruption during Jp2c/JpxDecode decoding, in order to execute code. [severity:4/4; BID-37757, CVE-2009-3955, >]

A PDF document can inject JavaScript, which can be executed in the context of another domain. [severity:3/4; BID-37763, CVE-2009-3956, >]

A PDF document can dereference a NULL pointer, in order to generate a denial of service. [severity:1/4; BID-37760, CVE-2009-3957, >]

A PDF document can generate a buffer overflow in the Download Manager (getPlus Helper, gp.ocx), in order to execute code. [severity:3/4; CVE-2009-3958, VU#773545, >]

A PDF document can generate a buffer overflow in Atlcom.get_atlcom of the Download Manager (gp.ocx), in order to execute code. [severity:3/4; BID-39615, CVE-2010-1278, ZDI-10-077, >]

A PDF document can generate an integer overflow in the U3D feature, in order to execute code. [severity:4/4; BID-37756, CVE-2009-3959, >]

An attacker can therefore create a malicious PDF document, in order to execute code on the computer of victims opening this document.

Complete Vigil@nce bulletin

Access to the complete Vigil@nce bulletin

Characteristics

Title: Adobe Reader, Acrobat: code execution.
Keywords: 508357 773545 Acrobat Adobe Atlcom DLL Doc Download Helper JavaScript Jp2c JpxDecode Manager NULL PDF Reader U3D ZDI-10-077 code execution getPlus get_atlcom newPlayer.
Identifiers: APSB10-02, BID-37331, BID-37756, BID-37757, BID-37758, BID-37760, BID-37761, BID-37763, BID-39615, CVE-2009-3953, CVE-2009-3954, CVE-2009-3955, CVE-2009-3956, CVE-2009-3957, CVE-2009-3958, CVE-2009-3959, CVE-2009-4324, CVE-2010-1278, RHSA-2010:0037-01, RHSA-2010:0038-01, RHSA-2010:0060-01, SUSE-SA:2010:008, VIGILANCE-VUL-9335, VU#508357, VU#773545, ZDI-10-077.

Information sources

Publications and announces
Source example: Security updates available for Adobe Reader and Acrobat

Solutions for this vulnerability

Patch or workaround

Supplements

Vulnerability : CVE-2009-4324

A PDF document can call Doc.media.newPlayer() to corrupt the memory, in order to execute code (VIGILANCE-VUL-9281).
Severity: 4/4.
Identifiers: BID-37331, CVE-2009-4324, VU#508357.

Vulnerability : CVE-2009-3953

A PDF document can generate a buffer overflow in the U3D feature, in order to execute code.
Severity: 4/4.
Identifiers: BID-37758, CVE-2009-3953.

Vulnerability : CVE-2009-3954

A PDF document can load a DLL via the 3D feature, in order to execute code.
Severity: 4/4.
Identifiers: BID-37761, CVE-2009-3954.

Vulnerability : CVE-2009-3955

A PDF document can generate a memory corruption during Jp2c/JpxDecode decoding, in order to execute code.
Severity: 4/4.
Identifiers: BID-37757, CVE-2009-3955.
Publications and announces

Vulnerability : CVE-2009-3956

A PDF document can inject JavaScript, which can be executed in the context of another domain.
Severity: 3/4.
Identifiers: BID-37763, CVE-2009-3956.
Publications and announces

Vulnerability : CVE-2009-3957

A PDF document can dereference a NULL pointer, in order to generate a denial of service.
Severity: 1/4.
Identifiers: BID-37760, CVE-2009-3957.

Vulnerability : CVE-2009-3958

A PDF document can generate a buffer overflow in the Download Manager (getPlus Helper, gp.ocx), in order to execute code.
Severity: 3/4.
Identifiers: CVE-2009-3958, VU#773545.

Vulnerability : CVE-2010-1278

A PDF document can generate a buffer overflow in Atlcom.get_atlcom of the Download Manager (gp.ocx), in order to execute code.
Severity: 3/4.
Identifiers: BID-39615, CVE-2010-1278, ZDI-10-077.
Publications and announces

Vulnerability : CVE-2009-3959

A PDF document can generate an integer overflow in the U3D feature, in order to execute code.
Severity: 4/4.
Identifiers: BID-37756, CVE-2009-3959.
Publications and announces

Metasploit attack

Exploit 0day or proof of concept

Computer vulnerabilities tracking service

The Vigil@nce computer vulnerability tracking service alerts your teams of vulnerabilities or threats impacting your information system.
The Vigil@nce vulnerability database contains several thousand vulnerabilities.
This bulletin is published by the Vigil@nce team, which tracks computer vulnerabilities impacting systems and applications.
Computer vulnerability bulletins



















France Télécom Copyright 1999-2010 Vigil@nce. Vigil@nce is a service from Orange Business Services. Site map. Legal notice. Version française