Lucene search

K

AdobeCVELIST:CVE-2009-4324

HistoryDec 15, 2009 - 2:00 a.m.

CVE-2009-4324

2009-12-1502:00:00

adobe

www.cve.org

4

AI Score

7.2

Confidence

Low

EPSS

0.97

Percentile

99.8%

Use-after-free vulnerability in the Doc.media.newPlayer method in Multimedia.api in Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code via a crafted PDF file using ZLib compressed streams, as exploited in the wild in December 2009.

References

blogs.adobe.com/psirt/2009/12/new_adobe_reader_and_acrobat_v.html

contagiodump.blogspot.com/2009/12/virustotal-httpwww.html

lists.opensuse.org/opensuse-security-announce/2010-01/msg00009.html

osvdb.org/60980

secunia.com/advisories/37690

secunia.com/advisories/38138

secunia.com/advisories/38215

www.adobe.com/support/security/advisories/apsa09-07.html

www.adobe.com/support/security/bulletins/apsb10-02.html

www.kb.cert.org/vuls/id/508357

www.metasploit.com/redmine/projects/framework/repository/revisions/7881/entry/modules/exploits/windows/fileformat/adobe_media_newplayer.rb

www.redhat.com/support/errata/RHSA-2010-0060.html

www.securityfocus.com/bid/37331

www.shadowserver.org/wiki/pmwiki.php/Calendar/20091214

www.symantec.com/connect/blogs/zero-day-xmas-present

www.us-cert.gov/cas/techalerts/TA10-013A.html

www.vupen.com/english/advisories/2009/3518

www.vupen.com/english/advisories/2010/0103

bugzilla.redhat.com/show_bug.cgi?id=547799

exchange.xforce.ibmcloud.com/vulnerabilities/54747

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6795

AI Score

7.2

Confidence

Low

EPSS

0.97

Percentile

99.8%

Related for CVELIST:CVE-2009-4324

packetstorm3 ubuntucve1 checkpoint_advisories3 openvas8 seebug4 prion1 nvd1 saint4 attackerkb1 metasploit2 canvas1 threatpost3 exploitpack1 cert1 cisa_kev1 cve1 exploitdb3 redhat3 nessus15 securityvulns2 suse1 gentoo1