Vulnerability CVE-2009-0928 - CERT Civis.Net

Vulnerability Name:

CVE-2009-0928 (CCN-49406)

Assigned:

2009-02-19

Published:

2009-02-19

Updated:

2018-10-30

Summary:

Heap-based buffer overflow in Adobe Acrobat Reader and Acrobat Professional 7.1.0, 8.1.3, 9.0.0, and other versions allows remote attackers to execute arbitrary code via a PDF file containing a JBIG2 stream with a size inconsistency related to an unspecified table.

CVSS v3 Severity:

10.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Changed
Impact Metrics:	Confidentiality (C): High Integrity (I): High Availibility (A): High

CVSS v2 Severity:

10.0 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)
7.4 High (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): Complete Integrity (I): Complete Availibility (A): Complete

9.3 High (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C)
6.9 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Athentication (Au): None
Impact Metrics:	Confidentiality (C): Complete Integrity (I): Complete Availibility (A): Complete

6.8 Medium (REDHAT CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
5.0 Medium (REDHAT Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

Vulnerability Type:

Vulnerability Consequences:

Gain Access

References:

Source: MITRE
Type: CNA
CVE-2009-0928

Source: IDEFENSE
Type: UNKNOWN
20090324 Adobe Reader and Acrobat JBIG2 Encoded Stream Heap Overflow Vulnerability

Source: SUSE
Type: UNKNOWN
SUSE-SA:2009:014

Source: SUSE
Type: UNKNOWN
SUSE-SR:2009:009

Source: CCN
Type: RHSA-2009-0376
Critical: acroread security update

Source: SECUNIA
Type: Vendor Advisory
34392

Source: SECUNIA
Type: Vendor Advisory
34490

Source: CCN
Type: SA34706
Sun Solaris Adobe Reader Multiple Vulnerabilities

Source: SECUNIA
Type: Vendor Advisory
34706

Source: SECUNIA
Type: Vendor Advisory
34790

Source: GENTOO
Type: UNKNOWN
GLSA-200904-17

Source: CCN
Type: SECTRACK ID: 1021892
Adobe Reader Flaws in JBIG2 Filter Let Remote Users Execute Arbitrary

Source: CCN
Type: Sun Alert ID: 256788
Multiple Security Vulnerabilities in Adobe Reader for Solaris 10 May Allow Execution of Arbitrary Code or Cause a Denial of Service (DoS) (Adobe Security Bulletin APSB09-04)

Source: SUNALERT
Type: UNKNOWN
256788

Source: CCN
Type: ASA-2009-106
acroread security update (RHSA-2009-0376)

Source: CCN
Type: Adobe Product Security Bulletin APSB09-04
Security Updates available for Adobe Reader and Acrobat

Source: CONFIRM
Type: Vendor Advisory
http://www.adobe.com/support/security/bulletins/apsb09-04.html

Source: REDHAT
Type: UNKNOWN
RHSA-2009:0376

Source: BID
Type: UNKNOWN
34229

Source: CCN
Type: BID-34229
Adobe Acrobat and Reader JBIG2 Image Processing Multiple Remote Code Execution Vulnerabilities

Source: SECTRACK
Type: UNKNOWN
1021892

Source: VUPEN
Type: Vendor Advisory
ADV-2009-1019

Source: XF
Type: UNKNOWN
adobe-acrobat-reader-jbig2size-bo(49406)

Source: CCN
Type: iDefense PUBLIC ADVISORY: 03.24.09
Adobe Reader and Acrobat JBIG2 Encoded Stream Heap Overflow Vulnerability

Source: SUSE
Type: SUSE-SA:2009:014
Acrobat Reader remote code execution

Source: SUSE
Type: SUSE-SR:2009:009
SUSE Security Summary Report

Vulnerable Configuration:

Configuration 1:

cpe:/a:adobe:acrobat:3.0:*:*:*:*:*:*:*

OR cpe:/a:adobe:acrobat:3.1:*:*:*:*:*:*:*

OR cpe:/a:adobe:acrobat:4.0:*:*:*:*:*:*:*

OR cpe:/a:adobe:acrobat:4.0.5:*:*:*:*:*:*:*

OR cpe:/a:adobe:acrobat:4.0.5a:*:*:*:*:*:*:*

OR cpe:/a:adobe:acrobat:4.0.5c:*:*:*:*:*:*:*

OR cpe:/a:adobe:acrobat:5.0:*:*:*:*:*:*:*

OR cpe:/a:adobe:acrobat:5.0.5:*:*:*:*:*:*:*

OR cpe:/a:adobe:acrobat:5.0.6:*:*:*:*:*:*:*

OR cpe:/a:adobe:acrobat:5.0.10:*:*:*:*:*:*:*

OR cpe:/a:adobe:acrobat:6.0:*:*:*:*:*:*:*

OR cpe:/a:adobe:acrobat:6.0.1:*:*:*:*:*:*:*

OR cpe:/a:adobe:acrobat:6.0.2:*:*:*:*:*:*:*

OR cpe:/a:adobe:acrobat:6.0.3:*:*:*:*:*:*:*

OR cpe:/a:adobe:acrobat:6.0.4:*:*:*:*:*:*:*

OR cpe:/a:adobe:acrobat:6.0.5:*:*:*:*:*:*:*

OR cpe:/a:adobe:acrobat:6.0.6:*:*:*:*:*:*:*

OR cpe:/a:adobe:acrobat:7.0:*:*:*:*:*:*:*

OR cpe:/a:adobe:acrobat:7.0.1:*:*:*:*:*:*:*

OR cpe:/a:adobe:acrobat:7.0.2:*:*:*:*:*:*:*

OR cpe:/a:adobe:acrobat:7.0.3:*:*:*:*:*:*:*

OR cpe:/a:adobe:acrobat:7.0.4:*:*:*:*:*:*:*

OR cpe:/a:adobe:acrobat:7.0.5:*:*:*:*:*:*:*

OR cpe:/a:adobe:acrobat:7.0.6:*:*:*:*:*:*:*

OR cpe:/a:adobe:acrobat:7.0.7:*:*:*:*:*:*:*

OR cpe:/a:adobe:acrobat:7.0.8:*:*:*:*:*:*:*

OR cpe:/a:adobe:acrobat:7.0.9:*:*:*:*:*:*:*

OR cpe:/a:adobe:acrobat:7.1.0:*:*:*:*:*:*:*

OR cpe:/a:adobe:acrobat:7.1.1:*:*:*:*:*:*:*

OR cpe:/a:adobe:acrobat:7.1.2:*:*:*:*:*:*:*

OR cpe:/a:adobe:acrobat:7.1.3:*:*:*:*:*:*:*

OR cpe:/a:adobe:acrobat:7.1.4:*:*:*:*:*:*:*

OR cpe:/a:adobe:acrobat:8.0:*:*:*:*:*:*:*

OR cpe:/a:adobe:acrobat:8.1:*:*:*:*:*:*:*

OR cpe:/a:adobe:acrobat:8.1.1:*:*:*:*:*:*:*

OR cpe:/a:adobe:acrobat:8.1.2:*:*:*:*:*:*:*

OR cpe:/a:adobe:acrobat:8.1.3:*:*:*:*:*:*:*

OR cpe:/a:adobe:acrobat:8.1.4:*:*:*:*:*:*:*

OR cpe:/a:adobe:acrobat:8.1.5:*:*:*:*:*:*:*

OR cpe:/a:adobe:acrobat:8.1.6:*:*:*:*:*:*:*

OR cpe:/a:adobe:acrobat:8.1.7:*:*:*:*:*:*:*

OR cpe:/a:adobe:acrobat:8.2:*:*:*:*:*:*:*

OR cpe:/a:adobe:acrobat:8.2.1:*:*:*:*:*:*:*

OR cpe:/a:adobe:acrobat:8.2.2:*:*:*:*:*:*:*

OR cpe:/a:adobe:acrobat:8.2.3:*:*:*:*:*:*:*

OR cpe:/a:adobe:acrobat:8.2.4:*:*:*:*:*:*:*

OR cpe:/a:adobe:acrobat:*:*:*:*:*:*:*:* (Version <= 9.0)

Configuration 2:

cpe:/a:adobe:acrobat_reader:3.0:*:*:*:*:*:*:*

OR cpe:/a:adobe:acrobat_reader:3.01:*:*:*:*:*:*:*

OR cpe:/a:adobe:acrobat_reader:3.02:*:*:*:*:*:*:*

OR cpe:/a:adobe:acrobat_reader:4.0:*:*:*:*:*:*:*

OR cpe:/a:adobe:acrobat_reader:4.0.5:*:*:*:*:*:*:*

OR cpe:/a:adobe:acrobat_reader:4.0.5a:*:*:*:*:*:*:*

OR cpe:/a:adobe:acrobat_reader:4.0.5c:*:*:*:*:*:*:*

OR cpe:/a:adobe:acrobat_reader:4.5:*:*:*:*:*:*:*

OR cpe:/a:adobe:acrobat_reader:5.0:*:*:*:*:*:*:*

OR cpe:/a:adobe:acrobat_reader:5.0.5:*:*:*:*:*:*:*

OR cpe:/a:adobe:acrobat_reader:5.0.6:*:*:*:*:*:*:*

OR cpe:/a:adobe:acrobat_reader:5.0.7:*:*:*:*:*:*:*

OR cpe:/a:adobe:acrobat_reader:5.0.9:*:*:*:*:*:*:*

OR cpe:/a:adobe:acrobat_reader:5.0.10:*:*:*:*:*:*:*

OR cpe:/a:adobe:acrobat_reader:5.0.11:*:*:*:*:*:*:*

OR cpe:/a:adobe:acrobat_reader:5.1:*:*:*:*:*:*:*

OR cpe:/a:adobe:acrobat_reader:6.0:*:*:*:*:*:*:*

OR cpe:/a:adobe:acrobat_reader:6.0.1:*:*:*:*:*:*:*

OR cpe:/a:adobe:acrobat_reader:6.0.2:*:*:*:*:*:*:*

OR cpe:/a:adobe:acrobat_reader:6.0.3:*:*:*:*:*:*:*

OR cpe:/a:adobe:acrobat_reader:6.0.4:*:*:*:*:*:*:*

OR cpe:/a:adobe:acrobat_reader:6.0.5:*:*:*:*:*:*:*

OR cpe:/a:adobe:acrobat_reader:6.0.6:*:*:*:*:*:*:*

OR cpe:/a:adobe:acrobat_reader:7.0:*:*:*:*:*:*:*

OR cpe:/a:adobe:acrobat_reader:7.0.1:*:*:*:*:*:*:*

OR cpe:/a:adobe:acrobat_reader:7.0.2:*:*:*:*:*:*:*

OR cpe:/a:adobe:acrobat_reader:7.0.3:*:*:*:*:*:*:*

OR cpe:/a:adobe:acrobat_reader:7.0.4:*:*:*:*:*:*:*

OR cpe:/a:adobe:acrobat_reader:7.0.5:*:*:*:*:*:*:*

OR cpe:/a:adobe:acrobat_reader:7.0.6:*:*:*:*:*:*:*

OR cpe:/a:adobe:acrobat_reader:7.0.7:*:*:*:*:*:*:*

OR cpe:/a:adobe:acrobat_reader:7.0.8:*:*:*:*:*:*:*

OR cpe:/a:adobe:acrobat_reader:7.0.9:*:*:*:*:*:*:*

OR cpe:/a:adobe:acrobat_reader:7.1.0:*:*:*:*:*:*:*

OR cpe:/a:adobe:acrobat_reader:7.1.1:*:*:*:*:*:*:*

OR cpe:/a:adobe:acrobat_reader:7.1.2:*:*:*:*:*:*:*

OR cpe:/a:adobe:acrobat_reader:7.1.3:*:*:*:*:*:*:*

OR cpe:/a:adobe:acrobat_reader:7.1.4:*:*:*:*:*:*:*

OR cpe:/a:adobe:acrobat_reader:8.0:*:*:*:*:*:*:*

OR cpe:/a:adobe:acrobat_reader:8.1:*:*:*:*:*:*:*

OR cpe:/a:adobe:acrobat_reader:8.1.1:*:*:*:*:*:*:*

OR cpe:/a:adobe:acrobat_reader:8.1.2:*:*:*:*:*:*:*

OR cpe:/a:adobe:acrobat_reader:8.1.4:*:*:*:*:*:*:*

OR cpe:/a:adobe:acrobat_reader:8.1.5:*:*:*:*:*:*:*

OR cpe:/a:adobe:acrobat_reader:8.1.6:*:*:*:*:*:*:*

OR cpe:/a:adobe:acrobat_reader:8.1.7:*:*:*:*:*:*:*

OR cpe:/a:adobe:acrobat_reader:8.2:*:*:*:*:*:*:*

OR cpe:/a:adobe:acrobat_reader:8.2.1:*:*:*:*:*:*:*

OR cpe:/a:adobe:acrobat_reader:8.2.2:*:*:*:*:*:*:*

OR cpe:/a:adobe:acrobat_reader:8.2.3:*:*:*:*:*:*:*

OR cpe:/a:adobe:acrobat_reader:8.2.4:*:*:*:*:*:*:*

OR cpe:/a:adobe:acrobat_reader:*:*:*:*:*:*:*:* (Version <= 9.0)

Configuration RedHat 1:

cpe:/a:redhat:rhel_extras:5:*:*:*:*:*:*:*

Configuration RedHat 2:

cpe:/a:redhat:rhel_extras:4:*:*:*:*:*:*:*

Configuration RedHat 3:

cpe:/a:redhat:rhel_extras:3:*:*:*:*:*:*:*

Configuration CCN 1:

cpe:/a:adobe:acrobat_reader:9:*:*:*:*:*:*:*

OR cpe:/a:adobe:acrobat_reader:8.1.3:*:*:*:*:*:*:*

OR cpe:/a:adobe:acrobat_reader:7.1.0:*:*:*:*:*:*:*

AND

cpe:/o:novell:linux_desktop:9:*:*:*:*:*:*:*

OR cpe:/o:sun:solaris:10::sparc:*:*:*:*:*

OR cpe:/a:redhat:rhel_extras:3:*:*:*:*:*:*:*

OR cpe:/a:redhat:rhel_extras:4:*:*:*:*:*:*:*

OR cpe:/o:opensuse:opensuse:10.3:*:*:*:*:*:*:*

OR cpe:/o:opensuse:opensuse:11.0:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:20090928	V	CVE-2009-0928	2015-11-16
oval:org.mitre.oval:def:22770	P	ELSA-2009:0376: acroread security update (Critical)	2014-05-26
oval:com.redhat.rhsa:def:20090376	P	RHSA-2009:0376: acroread security update (Critical)	2009-03-25