Red Hat update for acroread
| Risk | Critical |
| Patch available | YES |
| Number of vulnerabilities | 18 |
| CVE-ID | CVE-2009-2979 CVE-2009-2980 CVE-2009-2981 CVE-2009-2983 CVE-2009-2985 CVE-2009-2986 CVE-2009-2988 CVE-2009-2990 CVE-2009-2991 CVE-2009-2993 CVE-2009-2994 CVE-2009-2996 CVE-2009-2997 CVE-2009-2998 CVE-2009-3431 CVE-2009-3458 CVE-2009-3459 CVE-2009-3462 |
| CWE-ID | CWE-776 CWE-190 CWE-20 CWE-119 CWE-129 CWE-233 |
| Exploitation vector | Network |
| Public exploit |
Public exploit code for vulnerability #4 is available. Public exploit code for vulnerability #8 is available. Public exploit code for vulnerability #11 is available. Public exploit code for vulnerability #15 is available. Vulnerability #17 is being exploited in the wild. |
| Vulnerable software Subscribe |
Red Hat Enterprise Linux Desktop Operating systems & Components / Operating system Red Hat Enterprise Linux Server Operating systems & Components / Operating system |
| Vendor | Red Hat Inc. |
Security Bulletin
This security bulletin contains information about 18 vulnerabilities.
1) XML entity expansion
EUVDB-ID: #VU2013
Risk: Low
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2009-2979
CWE-ID:
CWE-776 - Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to cause DoS conditions on the target system.
The weakness exists due to XMP-XML entity expansion. A remote attacker can create a specially crafted file, trick the victim into opening it and trigger the application to crash.
Successful exploitation of the vulnerability results in denial of service on the vulnerable system.
Install updates from vendor's website.
Red Hat Enterprise Linux Desktop: 5
Red Hat Enterprise Linux Server: v.5
External linkshttp://access.redhat.com/errata/RHSA-2009:1499
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Integer Overflow or Wraparound
EUVDB-ID: #VU2605
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2009-2980
CWE-ID:
CWE-190 - Integer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to trigger DoS conditions and even execute arbitrary code on the target system.
The weakness exists due to integer overflow when processing a malformed PDF file. A remote attacker can create a specially crafted .pdf file, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system or cause denial of service with privileges of the current user.
Successful exploitation of the vulnerability results in denial of service or arbitrary code execution on the vulnerable system.
Install updates from vendor's website.
Red Hat Enterprise Linux Desktop: 5
Red Hat Enterprise Linux Server: v.5
External linkshttp://access.redhat.com/errata/RHSA-2009:1499
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Security bypass
EUVDB-ID: #VU2606
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2009-2981
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass security restrictions on the target system.
The weakness exists due to improper input validation. A remote attacker can create a specially crafted file, trick the victim into opening it and bypass Trust Manager restrictions.
Successful exploitation of the vulnerability may result in access to the vulnerable application.
Install updates from vendor's website.
Red Hat Enterprise Linux Desktop: 5
Red Hat Enterprise Linux Server: v.5
External linkshttp://access.redhat.com/errata/RHSA-2009:1499
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Memory corruption
EUVDB-ID: #VU2609
Risk: High
CVSSv3.1: 8.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C]
CVE-ID: CVE-2009-2983
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to trigger DoS conditions and even execute arbitrary code on the target system.
The weakness exists due to boundary error when handling COM objects. A remote attacker can create a specially crafted .pdf file, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system or cause denial of service with privileges of the current user.
Successful exploitation of the vulnerability results in denial of service or arbitrary code execution on the vulnerable system.
Install updates from vendor's website.
Red Hat Enterprise Linux Desktop: 5
Red Hat Enterprise Linux Server: v.5
External linkshttp://access.redhat.com/errata/RHSA-2009:1499
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
5) Memory corruption
EUVDB-ID: #VU2654
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2009-2985
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The weakness exists due to boundary error when handling a malformed Compact Font Format stream embedded within a PDF document. A remote attacker can create a specially crafted .pdf file, trick the victim into opening it, trigger memory corruption and execute arbitrary code.
Successful exploitation of the vulnerability may result in arbitrary code execution on the vulnerable system.
Install updates from vendor's website.
Red Hat Enterprise Linux Desktop: 5
Red Hat Enterprise Linux Server: v.5
External linkshttp://access.redhat.com/errata/RHSA-2009:1499
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Heap-based buffer overflow
EUVDB-ID: #VU2655
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2009-2986
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The weakness exists due to heap-based buffer overflow when handling malformed PDF document. A remote attacker can create a specially crafted .pdf file, trick the victim into opening it, trigger memory corruption and execute arbitrary code with privileges of the current user.
Successful exploitation of the vulnerability may result in arbitrary code execution on the vulnerable system.
Install updates from vendor's website.
Red Hat Enterprise Linux Desktop: 5
Red Hat Enterprise Linux Server: v.5
External linkshttp://access.redhat.com/errata/RHSA-2009:1499
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Denial of service
EUVDB-ID: #VU2657
Risk: Low
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2009-2988
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to cause DoS conditions on the target system.
The weakness exists due to an error in ActiveX control. By sending a specially crafted .pdf file, a remote attacker can cause the application to crash.
Successful exploitation of the vulnerability may result in denial of service.
Install updates from vendor's website.
Red Hat Enterprise Linux Desktop: 5
Red Hat Enterprise Linux Server: v.5
External linkshttp://access.redhat.com/errata/RHSA-2009:1499
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
8) Improper Validation of Array Index
EUVDB-ID: #VU2659
Risk: High
CVSSv3.1: 8.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:F/RL:O/RC:C]
CVE-ID: CVE-2009-2990
CWE-ID:
CWE-129 - Improper Validation of Array Index
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The weakness exists due to array indexing error in the 3difr.x3d plugin. A remote attacker can create a specially crafted U3D file, trick the victim into opening it and execute arbitrary code with privileges of the current user.
Successful exploitation of the vulnerability may result in arbitrary code execution on the vulnerable system.
Install updates from vendor's website.
Red Hat Enterprise Linux Desktop: 5
Red Hat Enterprise Linux Server: v.5
External linkshttp://access.redhat.com/errata/RHSA-2009:1499
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, a fully functional exploit for this vulnerability is available.
9) Memory corruption
EUVDB-ID: #VU2660
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2009-2991
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The weakness exists due to boundary error. A remote attacker can create a specially crafted PDF file, trick the victim into opening it, trigger memory corruption and execute arbitrary code with privileges of the current user.
Successful exploitation of the vulnerability may result in arbitrary code execution on the vulnerable system.
Install updates from vendor's website.
Red Hat Enterprise Linux Desktop: 5
Red Hat Enterprise Linux Server: v.5
External linkshttp://access.redhat.com/errata/RHSA-2009:1499
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
10) Improper Handling of Parameters
EUVDB-ID: #VU2662
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2009-2993
CWE-ID:
CWE-233 - Improper Handling of Parameters
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The weakness exists due to improper implementation of the Privileged Context and Safe Path restrictions for unspecified JavaScript methods. A remote attacker can create a specially crafted PDF file containing the cPath parameter, trick the victim into opening it and execute arbitrary code.
Successful exploitation of the vulnerability may result in arbitrary code execution on the vulnerable system.
Install updates from vendor's website.
Red Hat Enterprise Linux Desktop: 5
Red Hat Enterprise Linux Server: v.5
External linkshttp://access.redhat.com/errata/RHSA-2009:1499
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
11) Heap-based buffer overflow
EUVDB-ID: #VU2663
Risk: High
CVSSv3.1: 8.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C]
CVE-ID: CVE-2009-2994
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The weakness exists due to heap-based buffer overflow, caused by an integer overflow in CLOD Mesh Declaration block. A remote attacker can create a specially crafted .pdf file, trick the victim into opening it, trigger memory corruption and execute arbitrary code with privileges of the current user.
Successful exploitation of the vulnerability may result in arbitrary code execution on the vulnerable system.
Install updates from vendor's website.
Red Hat Enterprise Linux Desktop: 5
Red Hat Enterprise Linux Server: v.5
External linkshttp://access.redhat.com/errata/RHSA-2009:1499
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
12) Memory corruption
EUVDB-ID: #VU2666
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2009-2996
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to trigger DoS conditions and even execute arbitrary code on the target system.
The weakness exists due to image decoder issue. A remote attacker can create a specially crafted .pdf file, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system or cause denial of service with privileges of the current user.
Successful exploitation of the vulnerability results in denial of service or arbitrary code execution on the vulnerable system.
Install updates from vendor's website.
Red Hat Enterprise Linux Desktop: 5
Red Hat Enterprise Linux Server: v.5
External linkshttp://access.redhat.com/errata/RHSA-2009:1499
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
13) Heap-based buffer overflow
EUVDB-ID: #VU2667
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2009-2997
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The weakness exists due to heap-based buffer overflow when handling malformed PDF file. A remote attacker can create a specially crafted.pdf file, trick the victim into opening it, trigger memory corruption and execute arbitrary code with privileges of the current user.
Successful exploitation of the vulnerability may result in arbitrary code execution on the vulnerable system.
Install updates from vendor's website.
Red Hat Enterprise Linux Desktop: 5
Red Hat Enterprise Linux Server: v.5
External linkshttp://access.redhat.com/errata/RHSA-2009:1499
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
14) Memory corruption
EUVDB-ID: #VU2668
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2009-2998
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The weakness exists due to boundary error when handling malicious input. A remote attacker can create a specially crafted .pdf file, trick the victim into opening it, trigger memory corruption and execute arbitrary code with privileges of the current user.
Successful exploitation of the vulnerability may result in arbitrary code execution on the vulnerable system.
Install updates from vendor's website.
Red Hat Enterprise Linux Desktop: 5
Red Hat Enterprise Linux Server: v.5
External linkshttp://access.redhat.com/errata/RHSA-2009:1499
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
15) Denial of service
EUVDB-ID: #VU2669
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C]
CVE-ID: CVE-2009-3431
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to cause DoS conditions on the target system.
The weakness exists due to stack consumption when handling malformed documents. A remote attacker can create a specially crafted PDF file with a large number of [ (open square bracket) characters in the argument to the alert method, trick the victim into opening it, trigger memory cause the affected application to crash.
Successful exploitation of the vulnerability may result in denial of service on the vulnerable system.
Install updates from vendor's website.
Red Hat Enterprise Linux Desktop: 5
Red Hat Enterprise Linux Server: v.5
External linkshttp://access.redhat.com/errata/RHSA-2009:1499
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
16) Memory corruption
EUVDB-ID: #VU2670
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2009-3458
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The weakness exists due to boundary error when handling a malicious input. A remote attacker can create a specially crafted PDF file, trick the victim into opening it, trigger memory corruption and execute arbitrary code with privileges of the current user.
Successful exploitation of the vulnerability may result in arbitrary code execution on the vulnerable system.
Install updates from vendor's website.
Red Hat Enterprise Linux Desktop: 5
Red Hat Enterprise Linux Server: v.5
External linkshttp://access.redhat.com/errata/RHSA-2009:1499
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
17) Heap-based buffer overflow
EUVDB-ID: #VU1675
Risk: Critical
CVSSv3.1: 9.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H/RL:O/RC:C]
CVE-ID: CVE-2009-3459
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The weakness exists due to heap-based buffer overflow when processing a malformed PDF file. A remote attacker can create a specially crafted .pdf file, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system with privileges of the current user.
Successful exploitation of the vulnerability results in arbitrary code execution on the vulnerable system.
Install updates from vendor's website.
Red Hat Enterprise Linux Desktop: 5
Red Hat Enterprise Linux Server: v.5
External linkshttp://access.redhat.com/errata/RHSA-2009:1499
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
Yes. This vulnerability is being exploited in the wild.
18) Memory corruption
EUVDB-ID: #VU2673
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2009-3462
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The weakness exists due to format bug when running in Debug mode on UNIX system. A remote attacker can trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of the vulnerability results in arbitrary code execution on the vulnerable system.
Install updates from vendor's website.
Red Hat Enterprise Linux Desktop: 5
Red Hat Enterprise Linux Server: v.5
External linkshttp://access.redhat.com/errata/RHSA-2009:1499
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
