CVE-2009-2985

Related Files

Gentoo Linux Security Advisory 200910-3

Posted Oct 26, 2009

Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 200910-3 - Multiple vulnerabilities in Adobe Reader might result in the execution of arbitrary code, or other attacks. Multiple vulnerabilities were discovered in Adobe Reader. Versions less than 9.2 are affected.

tags | advisory, arbitrary, vulnerability

systems | linux, gentoo

advisories | CVE-2007-0045, CVE-2007-0048, CVE-2009-2979, CVE-2009-2980, CVE-2009-2981, CVE-2009-2982, CVE-2009-2983, CVE-2009-2985, CVE-2009-2986, CVE-2009-2988, CVE-2009-2990, CVE-2009-2991, CVE-2009-2993, CVE-2009-2994, CVE-2009-2996, CVE-2009-2997, CVE-2009-2998, CVE-2009-3431

SHA-256 | cf303bc61426589808c198dba2d9c4e5dc717575857163c0c64d5200873a727a

Download | Favorite | View

Zero Day Initiative Advisory 09-073

Posted Oct 14, 2009

Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 09-073 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat and Adobe Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists when the application parses a PDF file containing a malformed Compact Font Format stream. While decoding the font embedded in this stream, the application will explicitly trust a 16-bit value used to index into an array of elements. Usage of the object later will cause heap corruption which can be leveraged to achieve code execution under the context of the current user.

tags | advisory, remote, arbitrary, code execution

advisories | CVE-2009-2985

SHA-256 | f5b15979453779951c6615a8065d41b0917042b56b721df3bbc4be4c0c3e8a33

Download | Favorite | View