Vulnerability Name:

CVE-2009-0658 (CCN-48825)

Assigned:2009-02-19
Published:2009-02-19
Updated:2019-09-27
Summary:Buffer overflow in Adobe Reader 9.0 and earlier, and Acrobat 9.0 and earlier, allows remote attackers to execute arbitrary code via a crafted PDF document, related to a non-JavaScript function call and possibly an embedded JBIG2 image stream, as exploited in the wild in February 2009 by Trojan.Pidief.E.
CVSS v3 Severity:7.8 High (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): Required
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
10.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Changed
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
CVSS v2 Severity:9.3 High (CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C)
7.7 High (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:F/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
9.3 High (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C)
7.7 High (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:F/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Athentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
6.8 Medium (REDHAT CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
5.6 Medium (REDHAT Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:F/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
Vulnerability Type:CWE-119
Vulnerability Consequences:Gain Access
References:Source: MITRE
Type: CNA
CVE-2009-0658

Source: MISC
Type: Third Party Advisory
http://isc.sans.org/diary.html?n&storyid=5902

Source: SUSE
Type: Third Party Advisory
SUSE-SA:2009:014

Source: SUSE
Type: Third Party Advisory
SUSE-SR:2009:009

Source: OSVDB
Type: Broken Link
52073

Source: CCN
Type: RHSA-2009-0376
Critical: acroread security update

Source: CCN
Type: SA33901
Adobe Reader/Acrobat JBIG2 Stream Array Indexing Vulnerability

Source: SECUNIA
Type: Third Party Advisory
33901

Source: SECUNIA
Type: Third Party Advisory
34392

Source: SECUNIA
Type: Third Party Advisory
34490

Source: CCN
Type: SA34706
Sun Solaris Adobe Reader Multiple Vulnerabilities

Source: SECUNIA
Type: Third Party Advisory
34706

Source: SECUNIA
Type: Third Party Advisory
34790

Source: GENTOO
Type: Third Party Advisory
GLSA-200904-17

Source: CCN
Type: SECTRACK ID: 1021739
Adobe Acrobat Reader Buffer Overflow Lets Remote Users Execute Arbitrary Code

Source: SUNALERT
Type: Third Party Advisory
256788

Source: CCN
Type: ASA-2009-106
acroread security update (RHSA-2009-0376)

Source: CCN
Type: NORTEL BULLETIN ID: 2009009391, Rev 1
Nortel Response to Adobe APSA09-01 - Buffer overflow issue in v9.0 and earlier of Adobe Reader and Acrobat:

Source: CCN
Type: Adobe Product Security Advisory APSA09-01
Buffer overflow issue in versions 9.0 and earlier of Adobe Reader and Acrobat

Source: CONFIRM
Type: Vendor Advisory
http://www.adobe.com/support/security/advisories/apsa09-01.html

Source: CCN
Type: Adobe Product Security Bulletin APSB09-03
Security Updates available for Adobe Reader 9 and Acrobat 9

Source: CONFIRM
Type: Vendor Advisory
http://www.adobe.com/support/security/bulletins/apsb09-04.html

Source: CCN
Type: IBM Internet Security Systems Protection Alert - Feb. 20, 2009
Adobe Reader and Adobe Acrobat JBIG2 Image Stream Remote Code Execution

Source: CCN
Type: US-CERT VU#905281
Adobe Reader and Acrobat JBIG2 buffer overflow vulnerability

Source: CERT-VN
Type: Third Party Advisory, US Government Resource
VU#905281

Source: CCN
Type: OSVDB ID: 52073
Adobe Reader / Acrobat Document Handling JBIG2 Compression Overflow

Source: REDHAT
Type: Third Party Advisory
RHSA-2009:0376

Source: BID
Type: Third Party Advisory, VDB Entry
33751

Source: CCN
Type: BID-33751
Adobe Acrobat and Reader PDF File Handling JBIG2 Image Remote Code Execution Vulnerability

Source: SECTRACK
Type: Third Party Advisory, VDB Entry
1021739

Source: CCN
Type: Shadowserver Foundation Blog, February 19, 2009, at 03:03 PM
When PDFs Attack - Acrobat [Reader] 0-Day On the Loose

Source: MISC
Type: Third Party Advisory
http://www.shadowserver.org/wiki/pmwiki.php?n=Calendar.20090219

Source: MISC
Type: Third Party Advisory
http://www.symantec.com/security_response/writeup.jsp?docid=2009-021212-5523-99&tabid=2

Source: CCN
Type: TLSA-2009-10
Buffer overflow

Source: CCN
Type: US-CERT Technical Cyber Security Alert TA09-051A
Adobe Acrobat and Reader Vulnerability

Source: CERT
Type: Third Party Advisory, US Government Resource
TA09-051A

Source: FRSIRT
Type: Third Party Advisory
ADV-2009-0472

Source: VUPEN
Type: Third Party Advisory
ADV-2009-1019

Source: XF
Type: UNKNOWN
adobe-acrobat-reader-image-bo(48825)

Source: XF
Type: VDB Entry
adobe-acrobat-reader-image-bo(48825)

Source: OVAL
Type: Tool Signature
oval:org.mitre.oval:def:5697

Source: EXPLOIT-DB
Type: Third Party Advisory, VDB Entry
8090

Source: EXPLOIT-DB
Type: Third Party Advisory, VDB Entry
8099

Source: SUSE
Type: SUSE-SA:2009:014
Acrobat Reader remote code execution

Source: SUSE
Type: SUSE-SR:2009:009
SUSE Security Summary Report

Vulnerable Configuration:Configuration 1:
  • cpe:/a:adobe:acrobat:*:*:*:*:*:*:*:* (Version >= 7.0 and <= 7.1.1)
  • OR cpe:/a:adobe:acrobat:*:*:*:*:*:*:*:* (Version >= 8.0 and <= 8.1.4)
  • OR cpe:/a:adobe:acrobat:9.0:*:*:*:*:*:*:*
  • OR cpe:/a:adobe:acrobat_reader:*:*:*:*:*:*:*:* (Version >= 7.0 and <= 7.1.1)
  • OR cpe:/a:adobe:acrobat_reader:*:*:*:*:*:*:*:* (Version >= 8.0 and <= 8.1.4)
  • OR cpe:/a:adobe:acrobat_reader:9.0:*:*:*:*:*:*:*

    • Configuration RedHat 1:
  • cpe:/a:redhat:rhel_extras:5:*:*:*:*:*:*:*

    • Configuration RedHat 2:
  • cpe:/a:redhat:rhel_extras:4:*:*:*:*:*:*:*

    • Configuration RedHat 3:
  • cpe:/a:redhat:rhel_extras:3:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:adobe:acrobat_reader:7.0:*:*:*:*:*:*:*
  • OR cpe:/a:adobe:acrobat_reader:7.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:adobe:acrobat_reader:7.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:adobe:acrobat_reader:8.0:*:*:*:*:*:*:*
  • OR cpe:/a:adobe:acrobat_reader:8.1.2:*:*:*:*:*:*:*
  • OR cpe:/a:adobe:acrobat_reader:7.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:adobe:acrobat_reader:7.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:adobe:acrobat_reader:7.0.5:*:*:*:*:*:*:*
  • OR cpe:/a:adobe:acrobat_reader:7.0.6:*:*:*:*:*:*:*
  • OR cpe:/a:adobe:acrobat_reader:7.0.7:*:*:*:*:*:*:*
  • OR cpe:/a:adobe:acrobat_reader:7.0.8:*:*:*:*:*:*:*
  • OR cpe:/a:adobe:acrobat_reader:7.0.9:*:*:*:*:*:*:*
  • OR cpe:/a:adobe:acrobat_reader:8.1:*:*:*:*:*:*:*
  • OR cpe:/a:adobe:acrobat_reader:8.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:adobe:acrobat:7.0::standard:*:*:*:*:*
  • OR cpe:/a:adobe:acrobat:7.0::professional:*:*:*:*:*
  • OR cpe:/a:adobe:acrobat:7.0.1::standard:*:*:*:*:*
  • OR cpe:/a:adobe:acrobat:7.0.1::professional:*:*:*:*:*
  • OR cpe:/a:adobe:acrobat:7.0.2::standard:*:*:*:*:*
  • OR cpe:/a:adobe:acrobat:7.0.2::professional:*:*:*:*:*
  • OR cpe:/a:adobe:acrobat:7.0.3::standard:*:*:*:*:*
  • OR cpe:/a:adobe:acrobat:7.0.3::professional:*:*:*:*:*
  • OR cpe:/a:adobe:acrobat:7.0.4::standard:*:*:*:*:*
  • OR cpe:/a:adobe:acrobat:7.0.4::professional:*:*:*:*:*
  • OR cpe:/a:adobe:acrobat:7.0.5::standard:*:*:*:*:*
  • OR cpe:/a:adobe:acrobat:7.0.5::professional:*:*:*:*:*
  • OR cpe:/a:adobe:acrobat:7.0.6::standard:*:*:*:*:*
  • OR cpe:/a:adobe:acrobat:7.0.6::professional:*:*:*:*:*
  • OR cpe:/a:adobe:acrobat:7.0.7::standard:*:*:*:*:*
  • OR cpe:/a:adobe:acrobat:7.0.7::professional:*:*:*:*:*
  • OR cpe:/a:adobe:acrobat:7.0.8::standard:*:*:*:*:*
  • OR cpe:/a:adobe:acrobat:7.0.8::professional:*:*:*:*:*
  • OR cpe:/a:adobe:acrobat:7.0.9::professional:*:*:*:*:*
  • OR cpe:/a:adobe:acrobat:8.0::standard:*:*:*:*:*
  • OR cpe:/a:adobe:acrobat:8.1::standard:*:*:*:*:*
  • OR cpe:/a:adobe:acrobat:8.1.1::standard:*:*:*:*:*
  • OR cpe:/a:adobe:acrobat:8.1.2::standard:*:*:*:*:*
  • OR cpe:/a:adobe:acrobat:8.0::professional:*:*:*:*:*
  • OR cpe:/a:adobe:acrobat:8.1.1::professional:*:*:*:*:*
  • OR cpe:/a:adobe:acrobat:8.1.2::professional:*:*:*:*:*
  • OR cpe:/a:adobe:acrobat:9.0::professional:*:*:*:*:*
  • OR cpe:/a:adobe:acrobat:9.0::professional_extended:*:*:*:*:*
  • OR cpe:/a:adobe:acrobat_reader:9.0:*:*:*:*:*:*:*
  • OR cpe:/a:adobe:acrobat:9.0::standard:*:*:*:*:*
  • AND
  • cpe:/o:novell:linux_desktop:9:*:*:*:*:*:*:*
  • OR cpe:/a:redhat:rhel_extras:3:*:*:*:*:*:*:*
  • OR cpe:/a:redhat:rhel_extras:4:*:*:*:*:*:*:*
  • OR cpe:/o:opensuse:opensuse:10.3:*:*:*:*:*:*:*
  • OR cpe:/o:opensuse:opensuse:11.0:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:20090658
    V
    		CVE-2009-0658
    2015-11-16
    oval:org.mitre.oval:def:22770
    P
    		ELSA-2009:0376: acroread security update (Critical)
    2014-05-26
    oval:org.mitre.oval:def:5697
    V
    		Buffer overflow in Adobe Reader 9.0 and earlier, and Acrobat 9.0 and earlier (APSA09-01)
    2013-08-19
    oval:com.redhat.rhsa:def:20090376
    P
    		RHSA-2009:0376: acroread security update (Critical)
    2009-03-25
    BACK
    adobe acrobat *
    adobe acrobat *
    adobe acrobat 9.0
    adobe acrobat reader *
    adobe acrobat reader *
    adobe acrobat reader 9.0
    adobe acrobat reader 7.0
    adobe acrobat reader 7.0.1
    adobe acrobat reader 7.0.2
    adobe acrobat reader 8.0
    adobe acrobat reader 8.1.2
    adobe acrobat reader 7.0.3
    adobe acrobat reader 7.0.4
    adobe acrobat reader 7.0.5
    adobe acrobat reader 7.0.6
    adobe acrobat reader 7.0.7
    adobe acrobat reader 7.0.8
    adobe acrobat reader 7.0.9
    adobe acrobat reader 8.1
    adobe acrobat reader 8.1.1
    adobe acrobat 7.0
    adobe acrobat 7.0
    adobe acrobat 7.0.1
    adobe acrobat 7.0.1
    adobe acrobat 7.0.2
    adobe acrobat 7.0.2
    adobe acrobat 7.0.3
    adobe acrobat 7.0.3
    adobe acrobat 7.0.4
    adobe acrobat 7.0.4
    adobe acrobat 7.0.5
    adobe acrobat 7.0.5
    adobe acrobat 7.0.6
    adobe acrobat 7.0.6
    adobe acrobat 7.0.7
    adobe acrobat 7.0.7
    adobe acrobat 7.0.8
    adobe acrobat 7.0.8
    adobe acrobat 7.0.9
    adobe acrobat 8.0
    adobe acrobat 8.1
    adobe acrobat 8.1.1
    adobe acrobat 8.1.2
    adobe acrobat 8.0
    adobe acrobat 8.1.1
    adobe acrobat 8.1.2
    adobe acrobat 9.0
    adobe acrobat 9.0
    adobe acrobat reader 9.0
    adobe acrobat 9.0
    novell linux desktop 9
    redhat rhel extras 3
    redhat rhel extras 4
    novell opensuse 10.3
    novell opensuse 11.0