Vulnerability-Lookup

CVE-2009-0658 (GCVE-0-2009-0658)

Vulnerability from cvelistv5 – Published: 2009-02-20 19:00 – Updated: 2024-08-07 04:40

Summary

Buffer overflow in Adobe Reader 9.0 and earlier, and Acrobat 9.0 and earlier, allows remote attackers to execute arbitrary code via a crafted PDF document, related to a non-JavaScript function call and possibly an embedded JBIG2 image stream, as exploited in the wild in February 2009 by Trojan.Pidief.E.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	http://www.shadowserver.org/wiki/pmwiki.php?n=Cal…	x_refsource_MISC
	http://secunia.com/advisories/34790	third-party-advisoryx_refsource_SECUNIA
	http://www.adobe.com/support/security/bulletins/a…	x_refsource_CONFIRM
	https://www.exploit-db.com/exploits/8099	exploitx_refsource_EXPLOIT-DB
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	http://isc.sans.org/diary.html?n&storyid=5902	x_refsource_MISC
	http://www.us-cert.gov/cas/techalerts/TA09-051A.html	third-party-advisoryx_refsource_CERT
	http://www.adobe.com/support/security/advisories/…	x_refsource_CONFIRM
	http://osvdb.org/52073	vdb-entryx_refsource_OSVDB
	http://secunia.com/advisories/34490	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/33901	third-party-advisoryx_refsource_SECUNIA
	http://www.redhat.com/support/errata/RHSA-2009-03…	vendor-advisoryx_refsource_REDHAT
	http://www.symantec.com/security_response/writeup…	x_refsource_MISC
	http://secunia.com/advisories/34392	third-party-advisoryx_refsource_SECUNIA
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	http://secunia.com/advisories/34706	third-party-advisoryx_refsource_SECUNIA
	http://www.vupen.com/english/advisories/2009/0472	third-party-advisoryx_refsource_FRSIRT
	http://www.kb.cert.org/vuls/id/905281	third-party-advisoryx_refsource_CERT-VN
	http://sunsolve.sun.com/search/document.do?assetk…	vendor-advisoryx_refsource_SUNALERT
	http://www.securityfocus.com/bid/33751	vdb-entryx_refsource_BID
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://www.securitytracker.com/id?1021739	vdb-entryx_refsource_SECTRACK
	https://www.exploit-db.com/exploits/8090	exploitx_refsource_EXPLOIT-DB
	http://security.gentoo.org/glsa/glsa-200904-17.xml	vendor-advisoryx_refsource_GENTOO
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	http://www.vupen.com/english/advisories/2009/1019	vdb-entryx_refsource_VUPEN

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T04:40:05.123Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.shadowserver.org/wiki/pmwiki.php?n=Calendar.20090219"
          },
          {
            "name": "34790",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34790"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.adobe.com/support/security/bulletins/apsb09-04.html"
          },
          {
            "name": "8099",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/8099"
          },
          {
            "name": "oval:org.mitre.oval:def:5697",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5697"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://isc.sans.org/diary.html?n\u0026storyid=5902"
          },
          {
            "name": "TA09-051A",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/cas/techalerts/TA09-051A.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.adobe.com/support/security/advisories/apsa09-01.html"
          },
          {
            "name": "52073",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/52073"
          },
          {
            "name": "34490",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34490"
          },
          {
            "name": "33901",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/33901"
          },
          {
            "name": "RHSA-2009:0376",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2009-0376.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.symantec.com/security_response/writeup.jsp?docid=2009-021212-5523-99\u0026tabid=2"
          },
          {
            "name": "34392",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34392"
          },
          {
            "name": "SUSE-SA:2009:014",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00005.html"
          },
          {
            "name": "34706",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34706"
          },
          {
            "name": "ADV-2009-0472",
            "tags": [
              "third-party-advisory",
              "x_refsource_FRSIRT",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/0472"
          },
          {
            "name": "VU#905281",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/905281"
          },
          {
            "name": "256788",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-256788-1"
          },
          {
            "name": "33751",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/33751"
          },
          {
            "name": "adobe-acrobat-reader-image-bo(48825)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48825"
          },
          {
            "name": "1021739",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1021739"
          },
          {
            "name": "8090",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/8090"
          },
          {
            "name": "GLSA-200904-17",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200904-17.xml"
          },
          {
            "name": "SUSE-SR:2009:009",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html"
          },
          {
            "name": "ADV-2009-1019",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/1019"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-02-19T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer overflow in Adobe Reader 9.0 and earlier, and Acrobat 9.0 and earlier, allows remote attackers to execute arbitrary code via a crafted PDF document, related to a non-JavaScript function call and possibly an embedded JBIG2 image stream, as exploited in the wild in February 2009 by Trojan.Pidief.E."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-28T12:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.shadowserver.org/wiki/pmwiki.php?n=Calendar.20090219"
        },
        {
          "name": "34790",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34790"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.adobe.com/support/security/bulletins/apsb09-04.html"
        },
        {
          "name": "8099",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/8099"
        },
        {
          "name": "oval:org.mitre.oval:def:5697",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5697"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://isc.sans.org/diary.html?n\u0026storyid=5902"
        },
        {
          "name": "TA09-051A",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.us-cert.gov/cas/techalerts/TA09-051A.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.adobe.com/support/security/advisories/apsa09-01.html"
        },
        {
          "name": "52073",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/52073"
        },
        {
          "name": "34490",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34490"
        },
        {
          "name": "33901",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/33901"
        },
        {
          "name": "RHSA-2009:0376",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2009-0376.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.symantec.com/security_response/writeup.jsp?docid=2009-021212-5523-99\u0026tabid=2"
        },
        {
          "name": "34392",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34392"
        },
        {
          "name": "SUSE-SA:2009:014",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00005.html"
        },
        {
          "name": "34706",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34706"
        },
        {
          "name": "ADV-2009-0472",
          "tags": [
            "third-party-advisory",
            "x_refsource_FRSIRT"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/0472"
        },
        {
          "name": "VU#905281",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/905281"
        },
        {
          "name": "256788",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-256788-1"
        },
        {
          "name": "33751",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/33751"
        },
        {
          "name": "adobe-acrobat-reader-image-bo(48825)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48825"
        },
        {
          "name": "1021739",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1021739"
        },
        {
          "name": "8090",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/8090"
        },
        {
          "name": "GLSA-200904-17",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200904-17.xml"
        },
        {
          "name": "SUSE-SR:2009:009",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html"
        },
        {
          "name": "ADV-2009-1019",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/1019"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2009-0658",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Buffer overflow in Adobe Reader 9.0 and earlier, and Acrobat 9.0 and earlier, allows remote attackers to execute arbitrary code via a crafted PDF document, related to a non-JavaScript function call and possibly an embedded JBIG2 image stream, as exploited in the wild in February 2009 by Trojan.Pidief.E."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.shadowserver.org/wiki/pmwiki.php?n=Calendar.20090219",
              "refsource": "MISC",
              "url": "http://www.shadowserver.org/wiki/pmwiki.php?n=Calendar.20090219"
            },
            {
              "name": "34790",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/34790"
            },
            {
              "name": "http://www.adobe.com/support/security/bulletins/apsb09-04.html",
              "refsource": "CONFIRM",
              "url": "http://www.adobe.com/support/security/bulletins/apsb09-04.html"
            },
            {
              "name": "8099",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/8099"
            },
            {
              "name": "oval:org.mitre.oval:def:5697",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5697"
            },
            {
              "name": "http://isc.sans.org/diary.html?n\u0026storyid=5902",
              "refsource": "MISC",
              "url": "http://isc.sans.org/diary.html?n\u0026storyid=5902"
            },
            {
              "name": "TA09-051A",
              "refsource": "CERT",
              "url": "http://www.us-cert.gov/cas/techalerts/TA09-051A.html"
            },
            {
              "name": "http://www.adobe.com/support/security/advisories/apsa09-01.html",
              "refsource": "CONFIRM",
              "url": "http://www.adobe.com/support/security/advisories/apsa09-01.html"
            },
            {
              "name": "52073",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/52073"
            },
            {
              "name": "34490",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/34490"
            },
            {
              "name": "33901",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/33901"
            },
            {
              "name": "RHSA-2009:0376",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2009-0376.html"
            },
            {
              "name": "http://www.symantec.com/security_response/writeup.jsp?docid=2009-021212-5523-99\u0026tabid=2",
              "refsource": "MISC",
              "url": "http://www.symantec.com/security_response/writeup.jsp?docid=2009-021212-5523-99\u0026tabid=2"
            },
            {
              "name": "34392",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/34392"
            },
            {
              "name": "SUSE-SA:2009:014",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00005.html"
            },
            {
              "name": "34706",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/34706"
            },
            {
              "name": "ADV-2009-0472",
              "refsource": "FRSIRT",
              "url": "http://www.vupen.com/english/advisories/2009/0472"
            },
            {
              "name": "VU#905281",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/905281"
            },
            {
              "name": "256788",
              "refsource": "SUNALERT",
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-256788-1"
            },
            {
              "name": "33751",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/33751"
            },
            {
              "name": "adobe-acrobat-reader-image-bo(48825)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48825"
            },
            {
              "name": "1021739",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1021739"
            },
            {
              "name": "8090",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/8090"
            },
            {
              "name": "GLSA-200904-17",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-200904-17.xml"
            },
            {
              "name": "SUSE-SR:2009:009",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html"
            },
            {
              "name": "ADV-2009-1019",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/1019"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2009-0658",
    "datePublished": "2009-02-20T19:00:00.000Z",
    "dateReserved": "2009-02-20T00:00:00.000Z",
    "dateUpdated": "2024-08-07T04:40:05.123Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

GHSA-PM5J-JRQ9-VMHX

Vulnerability from github – Published: 2022-05-02 03:17 – Updated: 2022-05-02 03:17

Details

Severity ?

7.8 (High)


                  
                    CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2009-0658"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-119"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2009-02-20T19:30:00Z",
    "severity": "HIGH"
  },
  "details": "Buffer overflow in Adobe Reader 9.0 and earlier, and Acrobat 9.0 and earlier, allows remote attackers to execute arbitrary code via a crafted PDF document, related to a non-JavaScript function call and possibly an embedded JBIG2 image stream, as exploited in the wild in February 2009 by Trojan.Pidief.E.",
  "id": "GHSA-pm5j-jrq9-vmhx",
  "modified": "2022-05-02T03:17:23Z",
  "published": "2022-05-02T03:17:23Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-0658"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48825"
    },
    {
      "type": "WEB",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5697"
    },
    {
      "type": "WEB",
      "url": "https://www.exploit-db.com/exploits/8090"
    },
    {
      "type": "WEB",
      "url": "https://www.exploit-db.com/exploits/8099"
    },
    {
      "type": "WEB",
      "url": "http://isc.sans.org/diary.html?n\u0026storyid=5902"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00005.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html"
    },
    {
      "type": "WEB",
      "url": "http://osvdb.org/52073"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/33901"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/34392"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/34490"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/34706"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/34790"
    },
    {
      "type": "WEB",
      "url": "http://security.gentoo.org/glsa/glsa-200904-17.xml"
    },
    {
      "type": "WEB",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-256788-1"
    },
    {
      "type": "WEB",
      "url": "http://www.adobe.com/support/security/advisories/apsa09-01.html"
    },
    {
      "type": "WEB",
      "url": "http://www.adobe.com/support/security/bulletins/apsb09-04.html"
    },
    {
      "type": "WEB",
      "url": "http://www.kb.cert.org/vuls/id/905281"
    },
    {
      "type": "WEB",
      "url": "http://www.redhat.com/support/errata/RHSA-2009-0376.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/33751"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id?1021739"
    },
    {
      "type": "WEB",
      "url": "http://www.shadowserver.org/wiki/pmwiki.php?n=Calendar.20090219"
    },
    {
      "type": "WEB",
      "url": "http://www.symantec.com/security_response/writeup.jsp?docid=2009-021212-5523-99\u0026tabid=2"
    },
    {
      "type": "WEB",
      "url": "http://www.us-cert.gov/cas/techalerts/TA09-051A.html"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2009/0472"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2009/1019"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

CERTA-2009-AVI-094

Vulnerability from certfr_avis - Published: 2009-03-11 - Updated: 2009-04-17

Une vulnérabilité dans l'interprétation des documents PDF par différents lecteurs permet à un utilisateur malveillant d'exécuter du code arbitraire à distance.

Description

Une erreur dans différents produits relative à l'interprétation des objets encodés au format JBIG2 dans des fichiers PDF permet à un utilisateur de provoquer l'arrêt du logiciel (crash).

Elle permet également l'exécution de code arbitraire sur le système vulnérable avec les droits de l'utilisateur.

L'exploitation de la vulnérabilité ne nécessite pas nécessairement :

l'intervention de l'utilisateur ;
l'activation ou la désactivation du support du langage JavaScript.

Certains codes d'exploitation circulant actuellement sur l'Internet sont reconnus par des antivirus sous divers noms : Trojan.Pidief.E, Bloodhound.PDF-6 (Symantec), Exploit-PDF.i (NAI, Mac Afee)...

Certains lecteurs PDF installent une extension permettant à l'explorateur de fichiers de Microsoft Windows de réaliser un aperçu des fichiers au format PDF. De ce fait, la vulnérabilité peut également être exploitée par les méthodes suivantes :

lors de la sélection d'un fichier PDF exploitant cette vulnérabilité ;
lors de l'exploration d'un répertoire avec un affichage en mode miniature des icônes.

De plus, il semblerait que cette vulnérabilité puisse être exploitée lors de l'affichage de l'infobulle lié à un fichier PDF malveillant dont les méta-données ont été spécialement construites.

Enfin, l'utilisation de services d'indexation automatique (comme WIS, Windows Indexing Services) pourrait déclencher l'exploitation de la vulnérabilité sur un fichier présent sur l'espace de stockage sans intervention particulière de l'utilisateur.

Solution

Se référer à la documentation des éditeurs afin d'obtenir les correctifs (cf. Documentation).

None

Impacted products

Vendor	Product	Description
Foxit	PDF Reader	Adobe Reader versions 9.x, 8.x et 7.x ;
N/A	N/A	Xpdf versions antérieures à la mise à jour 3.02pl3.
Adobe	Acrobat	Adobe Acrobat Standard, Pro et Pro Extended, versions 9.x, 8.x et 7.x.
Foxit	N/A	KDE versions antérieures à la version 3.4.5-12 ;

References

Title

Publication Time

Tags

Bulletin de sécurité Adobe APSB09-03 du 10 mars 2009	None	vendor-advisory
Bulletin de sécurité Adobe APSB09-04 du 18 mars 2009	None	vendor-advisory
Mise à jour Xpdf du 30 mars 2009 :	-	other
Bulletin de sécurité Red Hat RSHA-2009-0431 et RSHA-2009-430 du 16 avril 2009 :	-	other
Alerte CERTA-2009-ALE-001 du 20 février 2009:	-	other
Avis de sécurité Adobe apsa09-01 du 19 février 2009 :	-	other
Bulletin de sécurité Red Hat RSHA-2009-0431 et RSHA-2009-430 du 16 avril 2009 :	-	other
Bulletin de sécurité Adobe apsb09-03 du 10 mars 2009 :	-	other
Document du CERTA CERTA-2009-ALE-001 du 20 février 2009 :	-	other
Bulletin de sécurité Adobe apsb09-04 du 18 mars 2009 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Adobe Reader versions 9.x, 8.x et 7.x ;",
      "product": {
        "name": "PDF Reader",
        "vendor": {
          "name": "Foxit",
          "scada": false
        }
      }
    },
    {
      "description": "Xpdf versions ant\u00e9rieures \u00e0 la mise \u00e0 jour 3.02pl3.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "Adobe Acrobat Standard, Pro et Pro Extended, versions 9.x, 8.x et 7.x.",
      "product": {
        "name": "Acrobat",
        "vendor": {
          "name": "Adobe",
          "scada": false
        }
      }
    },
    {
      "description": "KDE versions ant\u00e9rieures \u00e0 la version 3.4.5-12 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Foxit",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nUne erreur dans diff\u00e9rents produits relative \u00e0 l\u0027interpr\u00e9tation des\nobjets encod\u00e9s au format JBIG2 dans des fichiers PDF permet \u00e0 un\nutilisateur de provoquer l\u0027arr\u00eat du logiciel (crash).\n\nElle permet \u00e9galement l\u0027ex\u00e9cution de code arbitraire sur le syst\u00e8me\nvuln\u00e9rable avec les droits de l\u0027utilisateur.\n\nL\u0027exploitation de la vuln\u00e9rabilit\u00e9 ne n\u00e9cessite pas n\u00e9cessairement :\n\n-   l\u0027intervention de l\u0027utilisateur ;\n-   l\u0027activation ou la d\u00e9sactivation du support du langage JavaScript.\n\n  \n  \n\nCertains codes d\u0027exploitation circulant actuellement sur l\u0027Internet sont\nreconnus par des antivirus sous divers noms\u00a0: Trojan.Pidief.E,\nBloodhound.PDF-6 (Symantec), Exploit-PDF.i (NAI, Mac Afee)...\n\n  \n  \n\nCertains lecteurs PDF installent une extension permettant \u00e0\nl\u0027explorateur de fichiers de Microsoft Windows de r\u00e9aliser un aper\u00e7u des\nfichiers au format PDF. De ce fait, la vuln\u00e9rabilit\u00e9 peut \u00e9galement \u00eatre\nexploit\u00e9e par les m\u00e9thodes suivantes :\n\n-   lors de la s\u00e9lection d\u0027un fichier PDF exploitant cette vuln\u00e9rabilit\u00e9\n    ;\n-   lors de l\u0027exploration d\u0027un r\u00e9pertoire avec un affichage en mode\n    miniature des ic\u00f4nes.\n\nDe plus, il semblerait que cette vuln\u00e9rabilit\u00e9 puisse \u00eatre exploit\u00e9e\nlors de l\u0027affichage de l\u0027infobulle li\u00e9 \u00e0 un fichier PDF malveillant dont\nles m\u00e9ta-donn\u00e9es ont \u00e9t\u00e9 sp\u00e9cialement construites.\n\nEnfin, l\u0027utilisation de services d\u0027indexation automatique (comme WIS,\nWindows Indexing Services) pourrait d\u00e9clencher l\u0027exploitation de la\nvuln\u00e9rabilit\u00e9 sur un fichier pr\u00e9sent sur l\u0027espace de stockage sans\nintervention particuli\u00e8re de l\u0027utilisateur.\n\n## Solution\n\nSe r\u00e9f\u00e9rer \u00e0 la documentation des \u00e9diteurs afin d\u0027obtenir les correctifs\n(cf. Documentation).\n",
  "cves": [
    {
      "name": "CVE-2009-0658",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-0658"
    },
    {
      "name": "CVE-2009-0927",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-0927"
    }
  ],
  "initial_release_date": "2009-03-11T00:00:00",
  "last_revision_date": "2009-04-17T00:00:00",
  "links": [
    {
      "title": "Mise \u00e0 jour Xpdf du 30 mars 2009 :",
      "url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl3.patch"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Red Hat RSHA-2009-0431 et    RSHA-2009-430 du 16 avril 2009 :",
      "url": "http://rhn.redhat.com/errata/RHSA-2009-0430.html"
    },
    {
      "title": "Alerte CERTA-2009-ALE-001 du 20 f\u00e9vrier 2009:",
      "url": "http://www.certa.ssi.gouv.fr/site/CERTA-2009-ALE-001/"
    },
    {
      "title": "Avis de s\u00e9curit\u00e9 Adobe apsa09-01 du 19 f\u00e9vrier 2009 :",
      "url": "http://www.adobe.com/support/security/advisories/apsa09-01.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Red Hat RSHA-2009-0431 et    RSHA-2009-430 du 16 avril 2009 :",
      "url": "http://rhn.redhat.com/errata/RHSA-2009-0431.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Adobe apsb09-03 du 10 mars 2009 :",
      "url": "http://www.adobe.com/support/security/bulletins/apsb09-03.html"
    },
    {
      "title": "Document du CERTA CERTA-2009-ALE-001 du 20 f\u00e9vrier 2009 :",
      "url": "http://www.certa.ssi.gouv.fr/site/CERTA-2009-ALE-001/index.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Adobe apsb09-04 du 18 mars 2009\u00a0:",
      "url": "http://www.adobe.com/support/security/bulletins/apsb09-04.html"
    }
  ],
  "reference": "CERTA-2009-AVI-094",
  "revisions": [
    {
      "description": "version initiale ;",
      "revision_date": "2009-03-11T00:00:00.000000"
    },
    {
      "description": "ajout des r\u00e9f\u00e9rences au bulletin de s\u00e9curit\u00e9 APSB09-04 concernant les versions 7.x et 8.x ;",
      "revision_date": "2009-03-20T00:00:00.000000"
    },
    {
      "description": "ajout des r\u00e9f\u00e9rences aux bulletins Red Hat et Xpdf.",
      "revision_date": "2009-04-17T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 dans l\u0027interpr\u00e9tation des documents PDF par diff\u00e9rents\nlecteurs permet \u00e0 un utilisateur malveillant d\u0027ex\u00e9cuter du code\narbitraire \u00e0 distance.\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans l\u0027interpr\u00e9tation JBIG2 dans le format PDF",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Adobe APSB09-03 du 10 mars 2009",
      "url": null
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Adobe APSB09-04 du 18 mars 2009",
      "url": null
    }
  ]
}

CERTA-2009-ALE-001

Vulnerability from certfr_alerte - Published: 2009-02-20 - Updated: 2009-03-20

Une vulnérabilité dans les produits Adobe permet à un utilisateur malveillant d'exécuter du code arbitraire à distance.

Description

Une erreur dans les produits Adobe relative à l'interprétation des objets encodés au format JBIG2 dans des fichiers PDF permet à un utilisateur de provoquer inopinément l'arrêt du logiciel (crash).

Elle permet également l'exécution de code arbitraire sur le système vulnérable avec les droits de l'utilisateur.

L'exploitation de la vulnérabilité ne nécessite pas nécessairement :

l'intervention de l'utilisateur ;
l'activation ou la désactivation du support Adobe JavaScript.

Certains codes d'exploitation circulant actuellement sur l'Internet sont reconnus par des antivirus sous divers noms : Trojan.Pidief.E, Bloodhound.PDF-6 (Symantec), Exploit-PDF.i (NAI, Mac Afee)...

L'application Adobe installe une extension permettant à l'explorateur de fichiers de Microsoft Windows de réaliser un aperçu des fichiers au format PDF. De ce fait, la vulnérabilité peut également être exploitée par les méthodes suivantes :

lors de la sélection d'un fichier PDF exploitant cette vulnérabilité ;
lors de l'exploration d'un répertoire avec un affichage en mode miniature des icônes.

Contournement provisoire

L'éditeur Adobe annonce qu'un correctif pour la version 9.x sera disponible le 11 mars 2009.

[11 mars 2009] : L'éditeur a mis à disposition un correctif de sécurité pour les versions 9 de Adobe Reader et Acrobat. Se référer au bulletin de sécurité Adobe apsb09-03 du 10 mars 2009 pour l'obtention des correctifs (cf. section Documentation).

[20 mars 2009] : L'éditeur a mis à disposition un correctif de sécurité pour les versions 8 et 7 de Adobe Reader et Acrobat. Se référer au bulletin de sécurité Adobe apsb09-04 du 18 mars 2009 pour l'obtention des correctifs (cf. section Documentation).

Dans l'attente d'un correctif de l'éditeur, plusieurs mesures peuvent diminuer les risques :

utiliser un lecteur alternatif à jour. Certains peuvent fermer inopinément à l'ouverture d'un document PDF malveillant mais l'exploitation de la vulnérabilité pour exécuter du code arbitraire n'est pas, à la date de rédaction de ce bulletin, avérée ;
pour gêner certains codes d'exploitation, désactiver le Javascript dans les lecteur PDF Adobe et ne l'activer qu'en cas de stricte nécessité. Cette mesure s'effectue directement dans l'interface de configuration de l'application ou en mettant à 0, pour les systèmes Windows uniquement, la valeur de la variable bEnableJS qui se trouve :
```
pour Adobe Reader dans :
        HCU\Software\Adobe\Acrobat Reader\<version>.0\JSPrefs
pour Adobe Acrobat dans :
        HCU\Software\Adobe\Adobe Acrobat\<version>.0\JSPrefs
```
mettre les pièces jointes au format PDF en quarantaine dans l'attente du correctif.

Par ailleurs, de bonnes pratiques permettent d'atténuer les impacts :

n'ouvrir que les documents au format PDF provenant d'une source de confiance ;
travailler avec un compte aux droits limités.

Afin de limiter l'impact d'un fichier PDF spécialement construit dans le contexte de l'explorateur de fichiers de Microsoft Windows, le contournement suivant peut être appliqué :

Après l'avoir sauvegardée, supprimer de la base de registre la clé :
HKEY_CLASSES_ROOT\CLSID\{F9DB5320-233E-11D1-9F84-707F02C10627}

Exemple d'application avec un interpréteur de commandes sous Microsoft Windows :

regsvr32 /u ``c:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.dll''

ou encore :

reg export HKCR\CLSID\{F9DB5320-233E-11D1-9F84-707F02C10627} .\export.reg
reg delete HKCR\CLSID\{F9DB5320-233E-11D1-9F84-707F02C10627}

Solution

Se référer aux bulletins de sécurité Adobe APSB09-03 et APSB09-04 publiés le 10 et le 18 mars respectivement pour l'obtention des correctifs (cf. section Documentation). Le CERTA a émis l'avis CERTA-2009-AVI-094 à ce sujet.

None

Impacted products

	Vendor	Product	Description
	Adobe	Acrobat	Adobe Acrobat Standard, Pro et Pro Extended, versions 9.x, 8.x et 7.x.
	Adobe	N/A	Adobe Reader versions 9.x, 8.x et 7.x ;

References

Title

Publication Time

Tags

Avis de sécurité Adobe APSA09-01 du 19 février 2009	None	vendor-advisory
Bulletin de sécurité du CERTA CERTA-2009-AVI-094 du 11 mars 2009 :	-	other
Bulletin de sécurité Adobe apsa09-01 du 19 février 2009 :	-	other
Bulletin d'actualité CERTA-2009-ACT-008, « Vulnérabilité non corrigée dans Adobe Reader » :	-	other
Bulletin d'actualité CERTA-2009-ACT-010, « Retour sur la vulnérabilité PDF » :	-	other
Bulletin de sécurité Adobe apsb09-03 du 10 mars 2009 :	-	other
Bulletin de sécurité Adobe apsb09-04 du 18 mars 2009 :	-	other
Bulletin d'actualité CERTA-2009-ACT-009, « Retour sur l'alerte CERTA-2009-ALE-001 concernant Adobe » :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Adobe Acrobat Standard, Pro et Pro Extended, versions 9.x, 8.x et 7.x.",
      "product": {
        "name": "Acrobat",
        "vendor": {
          "name": "Adobe",
          "scada": false
        }
      }
    },
    {
      "description": "Adobe Reader versions 9.x, 8.x et 7.x ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Adobe",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "closed_at": "2009-03-20",
  "content": "## Description\n\nUne erreur dans les produits Adobe relative \u00e0 l\u0027interpr\u00e9tation des\nobjets encod\u00e9s au format JBIG2 dans des fichiers PDF permet \u00e0 un\nutilisateur de provoquer inopin\u00e9ment l\u0027arr\u00eat du logiciel (crash).\n\nElle permet \u00e9galement l\u0027ex\u00e9cution de code arbitraire sur le syst\u00e8me\nvuln\u00e9rable avec les droits de l\u0027utilisateur.\n\nL\u0027exploitation de la vuln\u00e9rabilit\u00e9 ne n\u00e9cessite pas n\u00e9cessairement\u00a0:\n\n-   l\u0027intervention de l\u0027utilisateur ;\n-   l\u0027activation ou la d\u00e9sactivation du support Adobe JavaScript.\n\n  \n  \n\nCertains codes d\u0027exploitation circulant actuellement sur l\u0027Internet sont\nreconnus par des antivirus sous divers noms\u00a0: Trojan.Pidief.E,\nBloodhound.PDF-6 (Symantec), Exploit-PDF.i (NAI, Mac Afee)...\n\n  \n  \n\nL\u0027application Adobe installe une extension permettant \u00e0 l\u0027explorateur de\nfichiers de Microsoft Windows de r\u00e9aliser un aper\u00e7u des fichiers au\nformat PDF. De ce fait, la vuln\u00e9rabilit\u00e9 peut \u00e9galement \u00eatre exploit\u00e9e\npar les m\u00e9thodes suivantes :\n\n-   lors de la s\u00e9lection d\u0027un fichier PDF exploitant cette vuln\u00e9rabilit\u00e9\n    ;\n-   lors de l\u0027exploration d\u0027un r\u00e9pertoire avec un affichage en mode\n    miniature des ic\u00f4nes.\n\nDe plus, il semblerait que cette vuln\u00e9rabilit\u00e9 puisse \u00eatre exploit\u00e9e\nlors de l\u0027affichage de l\u0027infobulle li\u00e9 \u00e0 un fichier PDF malveillant dont\nles m\u00e9ta-donn\u00e9es ont \u00e9t\u00e9 sp\u00e9cialement construites.\n\nEnfin, l\u0027utilisation de services d\u0027indexation automatique (comme WIS,\nWindows Indexing Services) pourrait d\u00e9clencher l\u0027exploitation de la\nvuln\u00e9rabilit\u00e9 sur un fichier pr\u00e9sent sur l\u0027espace de stockage sans\nintervention particuli\u00e8re de l\u0027utilisateur.\n\n## Contournement provisoire\n\nL\u0027\u00e9diteur Adobe annonce qu\u0027un correctif pour la version 9.x sera\ndisponible le 11 mars 2009.\n\n\u003cspan class=\"textbf\"\u003e\\[11 mars 2009\\]\u003c/span\u003e : L\u0027\u00e9diteur a mis \u00e0\ndisposition un correctif de s\u00e9curit\u00e9 pour les versions 9 de Adobe Reader\net Acrobat. Se r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 Adobe apsb09-03 du 10\nmars 2009 pour l\u0027obtention des correctifs (cf. section Documentation).\n\n\u003cspan class=\"textbf\"\u003e\\[20 mars 2009\\]\u003c/span\u003e : L\u0027\u00e9diteur a mis \u00e0\ndisposition un correctif de s\u00e9curit\u00e9 pour les versions 8 et 7 de Adobe\nReader et Acrobat. Se r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 Adobe apsb09-04 du\n18 mars 2009 pour l\u0027obtention des correctifs (cf. section\nDocumentation).\n\nDans l\u0027attente d\u0027un correctif de l\u0027\u00e9diteur, plusieurs mesures peuvent\ndiminuer les risques :\n\n-   utiliser un lecteur alternatif \u00e0 jour. Certains peuvent fermer\n    inopin\u00e9ment \u00e0 l\u0027ouverture d\u0027un document PDF malveillant mais\n    l\u0027exploitation de la vuln\u00e9rabilit\u00e9 pour ex\u00e9cuter du code arbitraire\n    n\u0027est pas, \u00e0 la date de r\u00e9daction de ce bulletin, av\u00e9r\u00e9e\u00a0;\n\n-   pour g\u00eaner certains codes d\u0027exploitation, d\u00e9sactiver le Javascript\n    dans les lecteur PDF Adobe et ne l\u0027activer qu\u0027en cas de stricte\n    n\u00e9cessit\u00e9. Cette mesure s\u0027effectue directement dans l\u0027interface de\n    configuration de l\u0027application ou en mettant \u00e0 0, pour les syst\u00e8mes\n    Windows uniquement, la valeur de la variable bEnableJS qui se\n    trouve\u00a0:\n\n        pour Adobe Reader dans :\n                HCU\\Software\\Adobe\\Acrobat Reader\\\u003cversion\u003e.0\\JSPrefs\n        pour Adobe Acrobat dans :\n                HCU\\Software\\Adobe\\Adobe Acrobat\\\u003cversion\u003e.0\\JSPrefs\n\n-   mettre les pi\u00e8ces jointes au format PDF en quarantaine dans\n    l\u0027attente du correctif.\n\nPar ailleurs, de bonnes pratiques permettent d\u0027att\u00e9nuer les impacts\u00a0:\n\n-   n\u0027ouvrir que les documents au format PDF provenant d\u0027une source de\n    confiance\u00a0;\n-   travailler avec un compte aux droits limit\u00e9s.\n\n  \n\nAfin de limiter l\u0027impact d\u0027un fichier PDF sp\u00e9cialement construit dans le\ncontexte de l\u0027explorateur de fichiers de Microsoft Windows, le\ncontournement suivant peut \u00eatre appliqu\u00e9 :\n\n-   Apr\u00e8s l\u0027avoir sauvegard\u00e9e, supprimer de la base de registre la cl\u00e9\n    :  \n    `HKEY_CLASSES_ROOT\\CLSID\\{F9DB5320-233E-11D1-9F84-707F02C10627}`\n\nExemple d\u0027application avec un interpr\u00e9teur de commandes sous Microsoft\nWindows :\n\n    regsvr32 /u ``c:\\Program Files\\Fichiers communs\\Adobe\\Acrobat\\ActiveX\\PDFShell.dll\u0027\u0027\n\nou encore :\n\n    reg export HKCR\\CLSID\\{F9DB5320-233E-11D1-9F84-707F02C10627} .\\export.reg\n    reg delete HKCR\\CLSID\\{F9DB5320-233E-11D1-9F84-707F02C10627}\n\n## Solution\n\nSe r\u00e9f\u00e9rer aux bulletins de s\u00e9curit\u00e9 Adobe APSB09-03 et APSB09-04\npubli\u00e9s le 10 et le 18 mars respectivement pour l\u0027obtention des\ncorrectifs (cf. section Documentation). Le CERTA a \u00e9mis l\u0027avis\nCERTA-2009-AVI-094 \u00e0 ce sujet.\n",
  "cves": [
    {
      "name": "CVE-2009-0658",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-0658"
    }
  ],
  "initial_release_date": "2009-02-20T00:00:00",
  "last_revision_date": "2009-03-20T00:00:00",
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 du CERTA CERTA-2009-AVI-094 du 11 mars    2009\u00a0:",
      "url": "http://www.certa.ssi.gouv.fr/site/CERTA-2009-AVI-094/"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Adobe apsa09-01 du 19 f\u00e9vrier 2009 :",
      "url": "http://www.adobe.com/support/security/advisories/apsa09-01.html"
    },
    {
      "title": "Bulletin d\u0027actualit\u00e9 CERTA-2009-ACT-008, \u00ab Vuln\u00e9rabilit\u00e9    non corrig\u00e9e dans Adobe Reader \u00bb\u00a0:",
      "url": "http://www.certa.ssi.gouv.fr/site/CERTA-2009-ACT-008.pdf"
    },
    {
      "title": "Bulletin d\u0027actualit\u00e9 CERTA-2009-ACT-010, \u00ab Retour sur la    vuln\u00e9rabilit\u00e9 PDF \u00bb\u00a0:",
      "url": "http://www.certa.ssi.gouv.fr/site/CERTA-2009-ACT-010.pdf"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Adobe apsb09-03 du 10 mars 2009 :",
      "url": "http://www.adobe.com/support/security/bulletins/apsb09-03.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Adobe apsb09-04 du 18 mars 2009\u00a0:",
      "url": "http://www.adobe.com/support/security/bulletins/apsb09-04.html"
    },
    {
      "title": "Bulletin d\u0027actualit\u00e9 CERTA-2009-ACT-009, \u00ab Retour sur    l\u0027alerte CERTA-2009-ALE-001 concernant Adobe \u00bb\u00a0:",
      "url": "http://www.certa.ssi.gouv.fr/site/CERTA-2009-ACT-009.pdf"
    }
  ],
  "reference": "CERTA-2009-ALE-001",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2009-02-20T00:00:00.000000"
    },
    {
      "description": "ajout des cl\u00e9s de registre pour la d\u00e9sactivation de l\u0027interpr\u00e9tation JS par GPO.",
      "revision_date": "2009-02-23T00:00:00.000000"
    },
    {
      "description": "mise \u00e0 jour de la section \u00abDescription\u00bb et de la section \u00abContournement provisoire\u00bb.",
      "revision_date": "2009-03-06T00:00:00.000000"
    },
    {
      "description": "ajout des r\u00e9f\u00e9rences aux bulletins d\u0027actualit\u00e9 du CERTA.",
      "revision_date": "2009-03-10T00:00:00.000000"
    },
    {
      "description": "ajout des r\u00e9f\u00e9rences aux bulletins de s\u00e9curit\u00e9 d\u0027Adobe et du CERTA.",
      "revision_date": "2009-03-11T00:00:00.000000"
    },
    {
      "description": "ajout des r\u00e9f\u00e9rences au dernier bulletin de s\u00e9curit\u00e9 d\u0027Adobe APSB09-04.",
      "revision_date": "2009-03-20T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 dans les produits Adobe permet \u00e0 un utilisateur\nmalveillant d\u0027ex\u00e9cuter du code arbitraire \u00e0 distance.\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans l\u0027interpr\u00e9tation JBIG2 des produits Adobe",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Avis de s\u00e9curit\u00e9 Adobe APSA09-01 du 19 f\u00e9vrier 2009",
      "url": null
    }
  ]
}

FKIE_CVE-2009-0658

Vulnerability from fkie_nvd - Published: 2009-02-20 19:30 - Updated: 2025-04-09 00:30

Severity ?

7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Summary

References

URL	Tags
cve@mitre.org	http://isc.sans.org/diary.html?n&storyid=5902	Third Party Advisory
cve@mitre.org	http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00005.html	Third Party Advisory
cve@mitre.org	http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html	Third Party Advisory
cve@mitre.org	http://osvdb.org/52073	Broken Link
cve@mitre.org	http://secunia.com/advisories/33901	Third Party Advisory
cve@mitre.org	http://secunia.com/advisories/34392	Third Party Advisory
cve@mitre.org	http://secunia.com/advisories/34490	Third Party Advisory
cve@mitre.org	http://secunia.com/advisories/34706	Third Party Advisory
cve@mitre.org	http://secunia.com/advisories/34790	Third Party Advisory
cve@mitre.org	http://security.gentoo.org/glsa/glsa-200904-17.xml	Third Party Advisory
cve@mitre.org	http://sunsolve.sun.com/search/document.do?assetkey=1-66-256788-1	Third Party Advisory
cve@mitre.org	http://www.adobe.com/support/security/advisories/apsa09-01.html	Vendor Advisory
cve@mitre.org	http://www.adobe.com/support/security/bulletins/apsb09-04.html	Vendor Advisory
cve@mitre.org	http://www.kb.cert.org/vuls/id/905281	Third Party Advisory, US Government Resource
cve@mitre.org	http://www.redhat.com/support/errata/RHSA-2009-0376.html	Third Party Advisory
cve@mitre.org	http://www.securityfocus.com/bid/33751	Third Party Advisory, VDB Entry
cve@mitre.org	http://www.securitytracker.com/id?1021739	Third Party Advisory, VDB Entry
cve@mitre.org	http://www.shadowserver.org/wiki/pmwiki.php?n=Calendar.20090219	Third Party Advisory
cve@mitre.org	http://www.symantec.com/security_response/writeup.jsp?docid=2009-021212-5523-99&tabid=2	Third Party Advisory
cve@mitre.org	http://www.us-cert.gov/cas/techalerts/TA09-051A.html	Third Party Advisory, US Government Resource
cve@mitre.org	http://www.vupen.com/english/advisories/2009/0472	Third Party Advisory
cve@mitre.org	http://www.vupen.com/english/advisories/2009/1019	Third Party Advisory
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/48825	VDB Entry
cve@mitre.org	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5697	Tool Signature
cve@mitre.org	https://www.exploit-db.com/exploits/8090	Third Party Advisory, VDB Entry
cve@mitre.org	https://www.exploit-db.com/exploits/8099	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://isc.sans.org/diary.html?n&storyid=5902	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00005.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/52073	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/33901	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/34392	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/34490	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/34706	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/34790	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://security.gentoo.org/glsa/glsa-200904-17.xml	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://sunsolve.sun.com/search/document.do?assetkey=1-66-256788-1	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.adobe.com/support/security/advisories/apsa09-01.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.adobe.com/support/security/bulletins/apsb09-04.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.kb.cert.org/vuls/id/905281	Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2009-0376.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/33751	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1021739	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.shadowserver.org/wiki/pmwiki.php?n=Calendar.20090219	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.symantec.com/security_response/writeup.jsp?docid=2009-021212-5523-99&tabid=2	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.us-cert.gov/cas/techalerts/TA09-051A.html	Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2009/0472	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2009/1019	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/48825	VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5697	Tool Signature
af854a3a-2127-422b-91ae-364da2661108	https://www.exploit-db.com/exploits/8090	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://www.exploit-db.com/exploits/8099	Third Party Advisory, VDB Entry

Impacted products

Vendor	Product	Version
adobe	acrobat	*
adobe	acrobat	*
adobe	acrobat	9.0
adobe	acrobat_reader	*
adobe	acrobat_reader	*
adobe	acrobat_reader	9.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C45837B4-F4F9-45DC-B324-48BD4AB51973",
              "versionEndIncluding": "7.1.1",
              "versionStartIncluding": "7.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C1BEE55-AAE2-4D61-9156-7E34692469C1",
              "versionEndIncluding": "8.1.4",
              "versionStartIncluding": "8.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5AA53564-9ACD-4CFB-9AAC-A77440026A57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4BB02266-8184-4A96-A1F0-66C9A3F0A329",
              "versionEndIncluding": "7.1.1",
              "versionStartIncluding": "7.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "07DD4484-A823-4B8B-8939-44A553E2FD63",
              "versionEndIncluding": "8.1.4",
              "versionStartIncluding": "8.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "562772F1-1627-438E-A6B8-7D1AA5536086",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Buffer overflow in Adobe Reader 9.0 and earlier, and Acrobat 9.0 and earlier, allows remote attackers to execute arbitrary code via a crafted PDF document, related to a non-JavaScript function call and possibly an embedded JBIG2 image stream, as exploited in the wild in February 2009 by Trojan.Pidief.E."
    },
    {
      "lang": "es",
      "value": "Un desbordamiento del b\u00fafer en Adobe Reader versi\u00f3n 9.0 y anteriores, y Acrobat  versi\u00f3n 9.0 y anteriores, permite a los atacantes remotos ejecutar c\u00f3digo arbitrario por medio de un documento PDF creado, relacionado con una llamada a una funci\u00f3n que no sea JavaScript y posiblemente una secuencia de im\u00e1genes del componente JBIG2 incrustada, tal como se explot\u00f3 \u201cin the wild\u201d en febrero de 2009 por Trojan.Pidief.E."
    }
  ],
  "id": "CVE-2009-0658",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2009-02-20T19:30:00.390",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://isc.sans.org/diary.html?n\u0026storyid=5902"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00005.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://osvdb.org/52073"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/33901"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/34392"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/34490"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/34706"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/34790"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://security.gentoo.org/glsa/glsa-200904-17.xml"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-256788-1"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.adobe.com/support/security/advisories/apsa09-01.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.adobe.com/support/security/bulletins/apsb09-04.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/905281"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2009-0376.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/33751"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id?1021739"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.shadowserver.org/wiki/pmwiki.php?n=Calendar.20090219"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.symantec.com/security_response/writeup.jsp?docid=2009-021212-5523-99\u0026tabid=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA09-051A.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/0472"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/1019"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "VDB Entry"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48825"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Tool Signature"
      ],
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5697"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://www.exploit-db.com/exploits/8090"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://www.exploit-db.com/exploits/8099"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://isc.sans.org/diary.html?n\u0026storyid=5902"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00005.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://osvdb.org/52073"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/33901"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/34392"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/34490"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/34706"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/34790"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://security.gentoo.org/glsa/glsa-200904-17.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-256788-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.adobe.com/support/security/advisories/apsa09-01.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.adobe.com/support/security/bulletins/apsb09-04.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/905281"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2009-0376.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/33751"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id?1021739"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.shadowserver.org/wiki/pmwiki.php?n=Calendar.20090219"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.symantec.com/security_response/writeup.jsp?docid=2009-021212-5523-99\u0026tabid=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA09-051A.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/0472"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/1019"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "VDB Entry"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48825"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Tool Signature"
      ],
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5697"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://www.exploit-db.com/exploits/8090"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://www.exploit-db.com/exploits/8099"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GSD-2009-0658

Vulnerability from gsd - Updated: 2023-12-13 01:19

Details

Aliases

CVE-2009-0658

Aliases

CVE-2009-0658

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2009-0658",
    "description": "Buffer overflow in Adobe Reader 9.0 and earlier, and Acrobat 9.0 and earlier, allows remote attackers to execute arbitrary code via a crafted PDF document, related to a non-JavaScript function call and possibly an embedded JBIG2 image stream, as exploited in the wild in February 2009 by Trojan.Pidief.E.",
    "id": "GSD-2009-0658",
    "references": [
      "https://www.suse.com/security/cve/CVE-2009-0658.html",
      "https://access.redhat.com/errata/RHSA-2009:0376",
      "https://packetstormsecurity.com/files/cve/CVE-2009-0658"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2009-0658"
      ],
      "details": "Buffer overflow in Adobe Reader 9.0 and earlier, and Acrobat 9.0 and earlier, allows remote attackers to execute arbitrary code via a crafted PDF document, related to a non-JavaScript function call and possibly an embedded JBIG2 image stream, as exploited in the wild in February 2009 by Trojan.Pidief.E.",
      "id": "GSD-2009-0658",
      "modified": "2023-12-13T01:19:44.029372Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2009-0658",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Buffer overflow in Adobe Reader 9.0 and earlier, and Acrobat 9.0 and earlier, allows remote attackers to execute arbitrary code via a crafted PDF document, related to a non-JavaScript function call and possibly an embedded JBIG2 image stream, as exploited in the wild in February 2009 by Trojan.Pidief.E."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://www.shadowserver.org/wiki/pmwiki.php?n=Calendar.20090219",
            "refsource": "MISC",
            "url": "http://www.shadowserver.org/wiki/pmwiki.php?n=Calendar.20090219"
          },
          {
            "name": "34790",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/34790"
          },
          {
            "name": "http://www.adobe.com/support/security/bulletins/apsb09-04.html",
            "refsource": "CONFIRM",
            "url": "http://www.adobe.com/support/security/bulletins/apsb09-04.html"
          },
          {
            "name": "8099",
            "refsource": "EXPLOIT-DB",
            "url": "https://www.exploit-db.com/exploits/8099"
          },
          {
            "name": "oval:org.mitre.oval:def:5697",
            "refsource": "OVAL",
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5697"
          },
          {
            "name": "http://isc.sans.org/diary.html?n\u0026storyid=5902",
            "refsource": "MISC",
            "url": "http://isc.sans.org/diary.html?n\u0026storyid=5902"
          },
          {
            "name": "TA09-051A",
            "refsource": "CERT",
            "url": "http://www.us-cert.gov/cas/techalerts/TA09-051A.html"
          },
          {
            "name": "http://www.adobe.com/support/security/advisories/apsa09-01.html",
            "refsource": "CONFIRM",
            "url": "http://www.adobe.com/support/security/advisories/apsa09-01.html"
          },
          {
            "name": "52073",
            "refsource": "OSVDB",
            "url": "http://osvdb.org/52073"
          },
          {
            "name": "34490",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/34490"
          },
          {
            "name": "33901",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/33901"
          },
          {
            "name": "RHSA-2009:0376",
            "refsource": "REDHAT",
            "url": "http://www.redhat.com/support/errata/RHSA-2009-0376.html"
          },
          {
            "name": "http://www.symantec.com/security_response/writeup.jsp?docid=2009-021212-5523-99\u0026tabid=2",
            "refsource": "MISC",
            "url": "http://www.symantec.com/security_response/writeup.jsp?docid=2009-021212-5523-99\u0026tabid=2"
          },
          {
            "name": "34392",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/34392"
          },
          {
            "name": "SUSE-SA:2009:014",
            "refsource": "SUSE",
            "url": "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00005.html"
          },
          {
            "name": "34706",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/34706"
          },
          {
            "name": "ADV-2009-0472",
            "refsource": "FRSIRT",
            "url": "http://www.vupen.com/english/advisories/2009/0472"
          },
          {
            "name": "VU#905281",
            "refsource": "CERT-VN",
            "url": "http://www.kb.cert.org/vuls/id/905281"
          },
          {
            "name": "256788",
            "refsource": "SUNALERT",
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-256788-1"
          },
          {
            "name": "33751",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/33751"
          },
          {
            "name": "adobe-acrobat-reader-image-bo(48825)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48825"
          },
          {
            "name": "1021739",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id?1021739"
          },
          {
            "name": "8090",
            "refsource": "EXPLOIT-DB",
            "url": "https://www.exploit-db.com/exploits/8090"
          },
          {
            "name": "GLSA-200904-17",
            "refsource": "GENTOO",
            "url": "http://security.gentoo.org/glsa/glsa-200904-17.xml"
          },
          {
            "name": "SUSE-SR:2009:009",
            "refsource": "SUSE",
            "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html"
          },
          {
            "name": "ADV-2009-1019",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2009/1019"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "7.1.1",
                "versionStartIncluding": "7.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "8.1.4",
                "versionStartIncluding": "8.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "8.1.4",
                "versionStartIncluding": "8.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "7.1.1",
                "versionStartIncluding": "7.0",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2009-0658"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Buffer overflow in Adobe Reader 9.0 and earlier, and Acrobat 9.0 and earlier, allows remote attackers to execute arbitrary code via a crafted PDF document, related to a non-JavaScript function call and possibly an embedded JBIG2 image stream, as exploited in the wild in February 2009 by Trojan.Pidief.E."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-119"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://isc.sans.org/diary.html?n\u0026storyid=5902",
              "refsource": "MISC",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://isc.sans.org/diary.html?n\u0026storyid=5902"
            },
            {
              "name": "http://www.symantec.com/security_response/writeup.jsp?docid=2009-021212-5523-99\u0026tabid=2",
              "refsource": "MISC",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://www.symantec.com/security_response/writeup.jsp?docid=2009-021212-5523-99\u0026tabid=2"
            },
            {
              "name": "http://www.shadowserver.org/wiki/pmwiki.php?n=Calendar.20090219",
              "refsource": "MISC",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://www.shadowserver.org/wiki/pmwiki.php?n=Calendar.20090219"
            },
            {
              "name": "http://www.adobe.com/support/security/advisories/apsa09-01.html",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www.adobe.com/support/security/advisories/apsa09-01.html"
            },
            {
              "name": "33751",
              "refsource": "BID",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/bid/33751"
            },
            {
              "name": "33901",
              "refsource": "SECUNIA",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://secunia.com/advisories/33901"
            },
            {
              "name": "VU#905281",
              "refsource": "CERT-VN",
              "tags": [
                "Third Party Advisory",
                "US Government Resource"
              ],
              "url": "http://www.kb.cert.org/vuls/id/905281"
            },
            {
              "name": "52073",
              "refsource": "OSVDB",
              "tags": [
                "Broken Link"
              ],
              "url": "http://osvdb.org/52073"
            },
            {
              "name": "1021739",
              "refsource": "SECTRACK",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securitytracker.com/id?1021739"
            },
            {
              "name": "TA09-051A",
              "refsource": "CERT",
              "tags": [
                "Third Party Advisory",
                "US Government Resource"
              ],
              "url": "http://www.us-cert.gov/cas/techalerts/TA09-051A.html"
            },
            {
              "name": "http://www.adobe.com/support/security/bulletins/apsb09-04.html",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www.adobe.com/support/security/bulletins/apsb09-04.html"
            },
            {
              "name": "RHSA-2009:0376",
              "refsource": "REDHAT",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2009-0376.html"
            },
            {
              "name": "34392",
              "refsource": "SECUNIA",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://secunia.com/advisories/34392"
            },
            {
              "name": "34490",
              "refsource": "SECUNIA",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://secunia.com/advisories/34490"
            },
            {
              "name": "SUSE-SA:2009:014",
              "refsource": "SUSE",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00005.html"
            },
            {
              "name": "256788",
              "refsource": "SUNALERT",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-256788-1"
            },
            {
              "name": "34706",
              "refsource": "SECUNIA",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://secunia.com/advisories/34706"
            },
            {
              "name": "SUSE-SR:2009:009",
              "refsource": "SUSE",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html"
            },
            {
              "name": "34790",
              "refsource": "SECUNIA",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://secunia.com/advisories/34790"
            },
            {
              "name": "ADV-2009-1019",
              "refsource": "VUPEN",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://www.vupen.com/english/advisories/2009/1019"
            },
            {
              "name": "GLSA-200904-17",
              "refsource": "GENTOO",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://security.gentoo.org/glsa/glsa-200904-17.xml"
            },
            {
              "name": "ADV-2009-0472",
              "refsource": "FRSIRT",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://www.vupen.com/english/advisories/2009/0472"
            },
            {
              "name": "adobe-acrobat-reader-image-bo(48825)",
              "refsource": "XF",
              "tags": [
                "VDB Entry"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48825"
            },
            {
              "name": "8099",
              "refsource": "EXPLOIT-DB",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "https://www.exploit-db.com/exploits/8099"
            },
            {
              "name": "8090",
              "refsource": "EXPLOIT-DB",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "https://www.exploit-db.com/exploits/8090"
            },
            {
              "name": "oval:org.mitre.oval:def:5697",
              "refsource": "OVAL",
              "tags": [
                "Tool Signature"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5697"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.3,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 10.0,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": true
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 1.8,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2019-09-27T16:48Z",
      "publishedDate": "2009-02-20T19:30Z"
    }
  }
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2009-0658 (GCVE-0-2009-0658)

GHSA-PM5J-JRQ9-VMHX

CERTA-2009-AVI-094

Description

Solution

CERTA-2009-ALE-001

Description

Contournement provisoire

Solution

FKIE_CVE-2009-0658

GSD-2009-0658

Tags

Sightings

Nomenclature