Vulnerability Details CVE-2009-4324
Use-after-free vulnerability in the Doc.media.newPlayer method in Multimedia.api in Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code via a crafted PDF file using ZLib compressed streams, as exploited in the wild in December 2009.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.936
EPSS Ranking 99.8%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 9.3
Proposed Action
Use-after-free vulnerability in Adobe Acrobat and Reader allows remote attackers to execute code via a crafted PDF file.
Ransomware Campaign
Unknown
References
- http://blogs.adobe.com/psirt/2009/12/new_adobe_reader_and_acrobat_v.html
- http://contagiodump.blogspot.com/2009/12/virustotal-httpwww.html
- http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00009.html
- http://osvdb.org/60980
- http://secunia.com/advisories/37690
- http://secunia.com/advisories/38138
- http://secunia.com/advisories/38215
- http://www.adobe.com/support/security/advisories/apsa09-07.html
- http://www.adobe.com/support/security/bulletins/apsb10-02.html
- http://www.kb.cert.org/vuls/id/508357
- http://www.metasploit.com/redmine/projects/framework/repository/revisions/7881/entry/modules/exploits/windows/fileformat/adobe_media_newplayer.rb
- http://www.redhat.com/support/errata/RHSA-2010-0060.html
- http://www.securityfocus.com/bid/37331
- http://www.shadowserver.org/wiki/pmwiki.php/Calendar/20091214
- http://www.symantec.com/connect/blogs/zero-day-xmas-present
- http://www.us-cert.gov/cas/techalerts/TA10-013A.html
- http://www.vupen.com/english/advisories/2009/3518
- http://www.vupen.com/english/advisories/2010/0103
- https://bugzilla.redhat.com/show_bug.cgi?id=547799
- https://exchange.xforce.ibmcloud.com/vulnerabilities/54747
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6795
- http://blogs.adobe.com/psirt/2009/12/new_adobe_reader_and_acrobat_v.html
- http://contagiodump.blogspot.com/2009/12/virustotal-httpwww.html
- http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00009.html
- http://osvdb.org/60980
- http://secunia.com/advisories/37690
- http://secunia.com/advisories/38138
- http://secunia.com/advisories/38215
- http://www.adobe.com/support/security/advisories/apsa09-07.html
- http://www.adobe.com/support/security/bulletins/apsb10-02.html
- http://www.kb.cert.org/vuls/id/508357
- http://www.metasploit.com/redmine/projects/framework/repository/revisions/7881/entry/modules/exploits/windows/fileformat/adobe_media_newplayer.rb
- http://www.redhat.com/support/errata/RHSA-2010-0060.html
- http://www.securityfocus.com/bid/37331
- http://www.shadowserver.org/wiki/pmwiki.php/Calendar/20091214
- http://www.symantec.com/connect/blogs/zero-day-xmas-present
- http://www.us-cert.gov/cas/techalerts/TA10-013A.html
- http://www.vupen.com/english/advisories/2009/3518
- http://www.vupen.com/english/advisories/2010/0103
- https://bugzilla.redhat.com/show_bug.cgi?id=547799
- https://exchange.xforce.ibmcloud.com/vulnerabilities/54747
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6795
Products affected by CVE-2009-4324
-
cpe:2.3:a:adobe:acrobat:8.0
-
cpe:2.3:a:adobe:acrobat:8.0.0
-
cpe:2.3:a:adobe:acrobat:8.1
-
cpe:2.3:a:adobe:acrobat:8.1.1
-
cpe:2.3:a:adobe:acrobat:8.1.2
-
cpe:2.3:a:adobe:acrobat:8.1.3
-
cpe:2.3:a:adobe:acrobat:8.1.4
-
cpe:2.3:a:adobe:acrobat:8.1.5
-
cpe:2.3:a:adobe:acrobat:8.1.6
-
cpe:2.3:a:adobe:acrobat:8.1.7
-
cpe:2.3:a:adobe:acrobat:9.0
-
cpe:2.3:a:adobe:acrobat:9.1
-
cpe:2.3:a:adobe:acrobat:9.1.1
-
cpe:2.3:a:adobe:acrobat:9.1.2
-
cpe:2.3:a:adobe:acrobat:9.1.3
-
cpe:2.3:a:adobe:acrobat:9.2
-
cpe:2.3:a:adobe:acrobat_reader:8.0
-
cpe:2.3:a:adobe:acrobat_reader:8.1
-
cpe:2.3:a:adobe:acrobat_reader:8.1.1
-
cpe:2.3:a:adobe:acrobat_reader:8.1.2
-
cpe:2.3:a:adobe:acrobat_reader:8.1.3
-
cpe:2.3:a:adobe:acrobat_reader:8.1.4
-
cpe:2.3:a:adobe:acrobat_reader:8.1.5
-
cpe:2.3:a:adobe:acrobat_reader:8.1.6
-
cpe:2.3:a:adobe:acrobat_reader:8.1.7
-
cpe:2.3:a:adobe:acrobat_reader:9.0
-
cpe:2.3:a:adobe:acrobat_reader:9.1
-
cpe:2.3:a:adobe:acrobat_reader:9.1.1
-
cpe:2.3:a:adobe:acrobat_reader:9.1.2
-
cpe:2.3:a:adobe:acrobat_reader:9.1.3
-
cpe:2.3:a:adobe:acrobat_reader:9.2
-
cpe:2.3:a:suse:linux_enterprise_debuginfo:11
-
cpe:2.3:o:apple:mac_os_x:-
-
cpe:2.3:o:microsoft:windows:-
-
cpe:2.3:o:opensuse:opensuse:11.1
-
cpe:2.3:o:opensuse:opensuse:11.2
-
cpe:2.3:o:suse:linux_enterprise:10.0