National Vulnerability Database (NVD) National Vulnerability Database (CVE-2009-1492)

National Cyber-Alert System

Vulnerability Summary for CVE-2009-1492

Original release date:04/30/2009

Last revised:08/12/2009

Source: US-CERT/NIST

Overview

The getAnnots Doc method in the JavaScript API in Adobe Reader and Acrobat 9.1, 8.1.4, 7.1.1, and earlier allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a PDF file that contains an annotation, and has an OpenAction entry with JavaScript code that calls this method with crafted integer arguments.

Impact

CVSS Severity (version 2.0):

CVSS v2 Base Score:9.3 (HIGH) (AV:N/AC:M/Au:N/C:C/I:C/A:C) (legend)

Impact Subscore: 10.0

Exploitability Subscore: 8.6

CVSS Version 2 Metrics:

Access Vector: Network exploitable; Victim must voluntarily interact with attack mechanism

Access Complexity: Medium

Authentication: Not required to exploit

Impact Type:Allows unauthorized disclosure of information; Allows unauthorized modification; Allows disruption of service

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to nvd@nist.gov.

US-CERT Technical Alert: TA09-133B

Name: TA09-133B

Hyperlink:http://www.us-cert.gov/cas/techalerts/TA09-133B.html

US-CERT Vulnerability Note: VU#970180

Name: VU#970180

Hyperlink:http://www.kb.cert.org/vuls/id/970180

External Source: XF

Name: reader-getannots-code-execution(50145)

Hyperlink:http://xforce.iss.net/xforce/xfdb/50145

External Source: VUPEN

Name: ADV-2009-1317

Hyperlink:http://www.vupen.com/english/advisories/2009/1317

External Source: VUPEN

Name: ADV-2009-1189

Type: Advisory

Hyperlink:http://www.vupen.com/english/advisories/2009/1189

External Source: SECTRACK

Name: 1022139

Hyperlink:http://www.securitytracker.com/id?1022139

External Source: BID

Name: 34736

Hyperlink:http://www.securityfocus.com/bid/34736

External Source: REDHAT

Name: RHSA-2009:0478

Hyperlink:http://www.redhat.com/support/errata/RHSA-2009-0478.html

External Source: MILW0RM

Name: 8569

Hyperlink:http://www.milw0rm.com/exploits/8569

External Source: CONFIRM

Name: http://www.adobe.com/support/security/bulletins/apsb09-06.html

Hyperlink:http://www.adobe.com/support/security/bulletins/apsb09-06.html

External Source: CONFIRM

Name: http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=926953

Hyperlink:http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=926953

External Source: SUNALERT

Name: 259028

Hyperlink:http://sunsolve.sun.com/search/document.do?assetkey=1-66-259028-1

External Source: GENTOO

Name: GLSA-200907-06

Hyperlink:http://security.gentoo.org/glsa/glsa-200907-06.xml

External Source: SECUNIA

Name: 35734

Hyperlink:http://secunia.com/advisories/35734

External Source: SECUNIA

Name: 35416

Hyperlink:http://secunia.com/advisories/35416

External Source: SECUNIA

Name: 35358

Hyperlink:http://secunia.com/advisories/35358

External Source: SECUNIA

Name: 35152

Hyperlink:http://secunia.com/advisories/35152

External Source: SECUNIA

Name: 35096

Hyperlink:http://secunia.com/advisories/35096

External Source: SECUNIA

Name: 35055

Hyperlink:http://secunia.com/advisories/35055

External Source: SECUNIA

Name: 34924

Type: Advisory

Hyperlink:http://secunia.com/advisories/34924

External Source: MISC

Name: http://packetstorm.linuxsecurity.com/0904-exploits/getannots.txt

Hyperlink:http://packetstorm.linuxsecurity.com/0904-exploits/getannots.txt

External Source: OSVDB

Name: 54130

Hyperlink:http://osvdb.org/54130

External Source: SUSE

Name: SUSE-SR:2009:011

Hyperlink:http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.html

External Source: SUSE

Name: SUSE-SA:2009:027

Hyperlink:http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00001.html

External Source: CONFIRM

Name: http://blogs.adobe.com/psirt/2009/05/adobe_reader_issue_update.html

Hyperlink:http://blogs.adobe.com/psirt/2009/05/adobe_reader_issue_update.html

External Source: CONFIRM

Name: http://blogs.adobe.com/psirt/2009/04/update_on_adobe_reader_issue.html

Type: Advisory

Hyperlink:http://blogs.adobe.com/psirt/2009/04/update_on_adobe_reader_issue.html

External Source: MISC

Name: http://blogs.adobe.com/psirt/2009/04/potential_adobe_reader_issue.html

Type: Advisory

Hyperlink:http://blogs.adobe.com/psirt/2009/04/potential_adobe_reader_issue.html

Vulnerable software and versions

Configuration 1

* cpe:/a:adobe:acrobat:6.0.3::mac_os_x

* cpe:/a:adobe:acrobat:6.0.4::mac_os_x

* cpe:/a:adobe:acrobat:6.0.1::mac_os_x

* cpe:/a:adobe:acrobat:6.0.2::mac_os_x

* cpe:/a:adobe:acrobat:6.0::mac_os_x

* cpe:/a:adobe:acrobat:6.0

* cpe:/a:adobe:acrobat:6.0.1

* cpe:/a:adobe:acrobat:6.0.2

* cpe:/a:adobe:acrobat:6.0.3

* cpe:/a:adobe:acrobat:6.0.4

* cpe:/a:adobe:acrobat:6.0.5

* cpe:/a:adobe:acrobat:7.1.1 and previous versions

* cpe:/a:adobe:acrobat:7.1.0

* cpe:/a:adobe:acrobat:7.1

* cpe:/a:adobe:acrobat:7.0.9

* cpe:/a:adobe:acrobat:7.0::standard

* cpe:/a:adobe:acrobat:7.0::professional

* cpe:/a:adobe:acrobat:7.0.8::standard

* cpe:/a:adobe:acrobat:7.0.8::professional

* cpe:/a:adobe:acrobat:7.0.8::elements

* cpe:/a:adobe:acrobat:7.0.8

* cpe:/a:adobe:acrobat:7.0.7::standard

* cpe:/a:adobe:acrobat:7.0.7::professional

* cpe:/a:adobe:acrobat:7.0.7

* cpe:/a:adobe:acrobat:7.0.6::standard

* cpe:/a:adobe:acrobat:7.0.6::professional

* cpe:/a:adobe:acrobat:7.0.6

* cpe:/a:adobe:acrobat:7.0.5::standard

* cpe:/a:adobe:acrobat:7.0.5::professional

* cpe:/a:adobe:acrobat:7.0.5

* cpe:/a:adobe:acrobat:7.0.4::standard

* cpe:/a:adobe:acrobat:7.0.4::professional

* cpe:/a:adobe:acrobat:7.0.4

* cpe:/a:adobe:acrobat:7.0.3::standard

* cpe:/a:adobe:acrobat:7.0.3::professional

* cpe:/a:adobe:acrobat:7.0.3

* cpe:/a:adobe:acrobat:7.0.2::standard

* cpe:/a:adobe:acrobat:7.0.2::professional

* cpe:/a:adobe:acrobat:7.0.2

* cpe:/a:adobe:acrobat:7.0.1::standard

* cpe:/a:adobe:acrobat:7.0.1::professional

* cpe:/a:adobe:acrobat:7.0.1

* cpe:/a:adobe:acrobat:7.0

* cpe:/a:adobe:acrobat:5.0.10::mac_os_x

* cpe:/a:adobe:acrobat:5.0::mac_os_x

* cpe:/a:adobe:acrobat:5.0.5::mac_os_x

* cpe:/a:adobe:acrobat:5.0

* cpe:/a:adobe:acrobat:5.0.10

* cpe:/a:adobe:acrobat:5.0.5

* cpe:/a:adobe:acrobat:5.0.6

* cpe:/a:adobe:acrobat:4.0.5a::mac_os_x

* cpe:/a:adobe:acrobat:4.0.5c::mac_os_x

* cpe:/a:adobe:acrobat:4.0.5::mac_os_x

* cpe:/a:adobe:acrobat:4.0::mac_os_x

* cpe:/a:adobe:acrobat:4.0

* cpe:/a:adobe:acrobat:4.0.5

* cpe:/a:adobe:acrobat:4.0.5a

* cpe:/a:adobe:acrobat:4.0.5c

* cpe:/a:adobe:acrobat:3.1::mac_os_x

* cpe:/a:adobe:acrobat:3.0::mac_os_x

* cpe:/a:adobe:acrobat:3.0

* cpe:/a:adobe:acrobat:3.1

* cpe:/a:adobe:acrobat:9.1 and previous versions

* cpe:/a:adobe:acrobat:8.1.4 and previous versions

Configuration 2

* cpe:/a:adobe:reader:7.1.1 and previous versions

* cpe:/a:adobe:reader:7.1.0

* cpe:/a:adobe:reader:7.0.9

* cpe:/a:adobe:reader:7.0.8

* cpe:/a:adobe:reader:7.0.7

* cpe:/a:adobe:reader:7.0.5

* cpe:/a:adobe:reader:7.0.3

* cpe:/a:adobe:reader:7.0.2

* cpe:/a:adobe:reader:7.0.1

* cpe:/a:adobe:reader:6.0.5

* cpe:/a:adobe:reader:6.0.4

* cpe:/a:adobe:reader:6.0.3

* cpe:/a:adobe:reader:6.0.2

* cpe:/a:adobe:reader:6.0.1

* cpe:/a:adobe:reader:6.0

* cpe:/a:adobe:reader:5.1

* cpe:/a:adobe:reader:5.0.9

* cpe:/a:adobe:reader:5.0.7

* cpe:/a:adobe:reader:5.0.6

* cpe:/a:adobe:reader:5.0.11

* cpe:/a:adobe:reader:5.0.10

* cpe:/a:adobe:reader:5.0.5

* cpe:/a:adobe:reader:5.0

* cpe:/a:adobe:reader:4.5

* cpe:/a:adobe:reader:4.0.5c

* cpe:/a:adobe:reader:4.0.5a

* cpe:/a:adobe:reader:4.0.5

* cpe:/a:adobe:reader:4.0

* cpe:/a:adobe:reader:3.0

* cpe:/a:adobe:reader:8.1.4 and previous versions

* cpe:/a:adobe:reader:9.1 and previous versions

* Denotes Vulnerable Software

Technical Details

Vulnerability Type (View All)

Resource Management Errors (CWE-399)

CVE Standard Vulnerability Entry:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1492