Adobe Reader Javascript API spell.customDictonaryOpen memory corruption

2009-05-1200:00:00

SAINT Corporation

download.saintcorporation.com

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

EPSS

0.909

Percentile

98.9%

JSON

Added: 05/12/2009
CVE: CVE-2009-1493
BID: 34740
OSVDB: 54129

Background

Adobe Reader is free software for viewing PDF documents.

Problem

A memory corruption vulnerability in the Javascript API in Adobe Reader allows command execution when a user opens a specially crafted PDF file which calls the **spell.customDictionaryOpen** method.

Resolution

Apply the patches referenced in APSB09-06.

References

<http://www.kb.cert.org/vuls/id/970180>

Limitations

Exploit works on Adobe Reader 8.1.3 and 9.1 on Ubuntu 8.04.1 and Red Hat Enterprise Linux 5 with Exec-Shield enabled. Note that binary files AdbeRdr9.1.0-1_i486linux_enu.bin and AdobeReader_enu-8.1.3-1.i486.tar.gz from the official site of the vendor were used to develop this exploit.