CVE-2009-2990

Related Files

Adobe U3D CLODProgressiveMeshDeclaration Array Overrun

Posted Dec 31, 2009

Authored by Felipe Andres Manzano, jduck | Site metasploit.com

This Metasploit module exploits an array overflow in Adobe Reader and Adobe Acrobat. Affected versions include < 7.1.4, < 8.1.7, and < 9.2. By creating a specially crafted pdf that a contains malformed U3D data, an attacker may be able to execute arbitrary code.

tags | exploit, overflow, arbitrary

advisories | CVE-2009-2990

SHA-256 | fdb0c241722cd2aa67d4eb9f05c46f52ce09ac8fae6eb7afb1cb35f20897926e

Download | Favorite | View

Adobe Acrobat Reader Arbitrary Dereference Proof Of Concept

Posted Nov 17, 2009

Authored by Felipe Andres Manzano

When a U3D CLODProgressiveMeshContinuation (blocktype: 0xFFFFFF3C) is parsed by Adobe Acrobat Reader U3D plugin the split position index is read from the input without any validation. That index is then used for getting an object out of the limits of the array, object from which a function pointer is dereferenced and called. Adobe Acrobat Reader version 8.1.6 and below and 9.1.3 and below are affected.

tags | exploit

advisories | CVE-2009-2990

SHA-256 | f13045466b5a75506fbe65fd83ad85cca5999df4143ceaf0a1f3d413d2624905

Download | Favorite | View

Gentoo Linux Security Advisory 200910-3

Posted Oct 26, 2009

Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 200910-3 - Multiple vulnerabilities in Adobe Reader might result in the execution of arbitrary code, or other attacks. Multiple vulnerabilities were discovered in Adobe Reader. Versions less than 9.2 are affected.

tags | advisory, arbitrary, vulnerability

systems | linux, gentoo

advisories | CVE-2007-0045, CVE-2007-0048, CVE-2009-2979, CVE-2009-2980, CVE-2009-2981, CVE-2009-2982, CVE-2009-2983, CVE-2009-2985, CVE-2009-2986, CVE-2009-2988, CVE-2009-2990, CVE-2009-2991, CVE-2009-2993, CVE-2009-2994, CVE-2009-2996, CVE-2009-2997, CVE-2009-2998, CVE-2009-3431

SHA-256 | cf303bc61426589808c198dba2d9c4e5dc717575857163c0c64d5200873a727a

Download | Favorite | View

iDEFENSE Security Advisory 2009-10-13.1

Posted Oct 14, 2009

Authored by iDefense Labs, Dionysus Blazakis | Site idefense.com

iDefense Security Advisory 10.13.09 - Remote exploitation of an invalid array index vulnerability in Adobe Systems Inc.'s Reader and Acrobat could allow an attacker to execute arbitrary code with the privileges of the current user. The vulnerability occurs when parsing a U3D file embedded inside of a PDF. U3D is a file format used to represent 3D images. When parsing a U3D file, the parsing code fails to validate a value from the file used as index into a list of objects. This results in an attacker being able to specify an arbitrary value for a function pointer, which leads to the execution of arbitrary code. iDefense confirmed the existence of this vulnerability in Reader and Acrobat versions 9.1.3 and 8.1.6. Previous versions may also be affected.

tags | advisory, remote, arbitrary

advisories | CVE-2009-2990

SHA-256 | 036e3aa6e99462fba57e81b58b99274ca7837766dda18884ae3b383d0ebe33ff

Download | Favorite | View