SB2009101401 - Red Hat update for acroread
Published: October 14, 2009 Updated: May 2, 2017
Security Bulletin ID
SB2009101401
Severity
Critical
Patch available
YES
Number of vulnerabilities
18
Exploitation vector
Remote access
Highest impact
Code execution
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 18 secuirty vulnerabilities.
1) XML entity expansion (CVE-ID: CVE-2009-2979)
The vulnerability allows a remote attacker to cause DoS conditions on the target system.The weakness exists due to XMP-XML entity expansion. A remote attacker can create a specially crafted file, trick the victim into opening it and trigger the application to crash.
Successful exploitation of the vulnerability results in denial of service on the vulnerable system.
2) Integer Overflow or Wraparound (CVE-ID: CVE-2009-2980)
The vulnerability allows a remote attacker to trigger DoS conditions and even execute arbitrary code on the target system.The weakness exists due to integer overflow when processing a malformed PDF file. A remote attacker can create a specially crafted .pdf file, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system or cause denial of service with privileges of the current user.
Successful exploitation of the vulnerability results in denial of service or arbitrary code execution on the vulnerable system.
3) Security bypass (CVE-ID: CVE-2009-2981)
The vulnerability allows a remote attacker to bypass security restrictions on the target system.The weakness exists due to improper input validation. A remote attacker can create a specially crafted file, trick the victim into opening it and bypass Trust Manager restrictions.
Successful exploitation of the vulnerability may result in access to the vulnerable application.
4) Memory corruption (CVE-ID: CVE-2009-2983)
The vulnerability allows a remote attacker to trigger DoS conditions and even execute arbitrary code on the target system.The weakness exists due to boundary error when handling COM objects. A remote attacker can create a specially crafted .pdf file, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system or cause denial of service with privileges of the current user.
Successful exploitation of the vulnerability results in denial of service or arbitrary code execution on the vulnerable system.
5) Memory corruption (CVE-ID: CVE-2009-2985)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.The weakness exists due to boundary error when handling a malformed Compact Font Format stream embedded within a PDF document. A remote attacker can create a specially crafted .pdf file, trick the victim into opening it, trigger memory corruption and execute arbitrary code.
Successful exploitation of the vulnerability may result in arbitrary code execution on the vulnerable system.
6) Heap-based buffer overflow (CVE-ID: CVE-2009-2986)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.The weakness exists due to heap-based buffer overflow when handling malformed PDF document. A remote attacker can create a specially crafted .pdf file, trick the victim into opening it, trigger memory corruption and execute arbitrary code with privileges of the current user.
Successful exploitation of the vulnerability may result in arbitrary code execution on the vulnerable system.
7) Denial of service (CVE-ID: CVE-2009-2988)
The vulnerability allows a remote attacker to cause DoS conditions on the target system.The weakness exists due to an error in ActiveX control. By sending a specially crafted .pdf file, a remote attacker can cause the application to crash.
Successful exploitation of the vulnerability may result in denial of service.
8) Improper Validation of Array Index (CVE-ID: CVE-2009-2990)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.The weakness exists due to array indexing error in the 3difr.x3d plugin. A remote attacker can create a specially crafted U3D file, trick the victim into opening it and execute arbitrary code with privileges of the current user.
Successful exploitation of the vulnerability may result in arbitrary code execution on the vulnerable system.
9) Memory corruption (CVE-ID: CVE-2009-2991)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.The weakness exists due to boundary error. A remote attacker can create a specially crafted PDF file, trick the victim into opening it, trigger memory corruption and execute arbitrary code with privileges of the current user.
Successful exploitation of the vulnerability may result in arbitrary code execution on the vulnerable system.
10) Improper Handling of Parameters (CVE-ID: CVE-2009-2993)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.The weakness exists due to improper implementation of the Privileged Context and Safe Path restrictions for unspecified JavaScript methods. A remote attacker can create a specially crafted PDF file containing the cPath parameter, trick the victim into opening it and execute arbitrary code.
Successful exploitation of the vulnerability may result in arbitrary code execution on the vulnerable system.
11) Heap-based buffer overflow (CVE-ID: CVE-2009-2994)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.The weakness exists due to heap-based buffer overflow, caused by an integer overflow in CLOD Mesh Declaration block. A remote attacker can create a specially crafted .pdf file, trick the victim into opening it, trigger memory corruption and execute arbitrary code with privileges of the current user.
Successful exploitation of the vulnerability may result in arbitrary code execution on the vulnerable system.
12) Memory corruption (CVE-ID: CVE-2009-2996)
The vulnerability allows a remote attacker to trigger DoS conditions and even execute arbitrary code on the target system.The weakness exists due to image decoder issue. A remote attacker can create a specially crafted .pdf file, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system or cause denial of service with privileges of the current user.
Successful exploitation of the vulnerability results in denial of service or arbitrary code execution on the vulnerable system.
13) Heap-based buffer overflow (CVE-ID: CVE-2009-2997)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.The weakness exists due to heap-based buffer overflow when handling malformed PDF file. A remote attacker can create a specially crafted.pdf file, trick the victim into opening it, trigger memory corruption and execute arbitrary code with privileges of the current user.
Successful exploitation of the vulnerability may result in arbitrary code execution on the vulnerable system.
14) Memory corruption (CVE-ID: CVE-2009-2998)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.The weakness exists due to boundary error when handling malicious input. A remote attacker can create a specially crafted .pdf file, trick the victim into opening it, trigger memory corruption and execute arbitrary code with privileges of the current user.
Successful exploitation of the vulnerability may result in arbitrary code execution on the vulnerable system.
15) Denial of service (CVE-ID: CVE-2009-3431)
The vulnerability allows a remote attacker to cause DoS conditions on the target system.The weakness exists due to stack consumption when handling malformed documents. A remote attacker can create a specially crafted PDF file with a large number of [ (open square bracket) characters in the argument to the alert method, trick the victim into opening it, trigger memory cause the affected application to crash.
Successful exploitation of the vulnerability may result in denial of service on the vulnerable system.
16) Memory corruption (CVE-ID: CVE-2009-3458)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.The weakness exists due to boundary error when handling a malicious input. A remote attacker can create a specially crafted PDF file, trick the victim into opening it, trigger memory corruption and execute arbitrary code with privileges of the current user.
Successful exploitation of the vulnerability may result in arbitrary code execution on the vulnerable system.
17) Heap-based buffer overflow (CVE-ID: CVE-2009-3459)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.The weakness exists due to heap-based buffer overflow when processing a malformed PDF file. A remote attacker can create a specially crafted .pdf file, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system with privileges of the current user.
Successful exploitation of the vulnerability results in arbitrary code execution on the vulnerable system.
18) Memory corruption (CVE-ID: CVE-2009-3462)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.The weakness exists due to format bug when running in Debug mode on UNIX system. A remote attacker can trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of the vulnerability results in arbitrary code execution on the vulnerable system.
Remediation
Install update from vendor's website.