#VU1955 Privilege escalation in Adobe Acrobat and Adobe Reader


Published: 2020-03-18

Vulnerability identifier: #VU1955

Vulnerability risk: Medium

CVSSv3.1: 7.9 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C]

CVE-ID: CVE-2009-2564

CWE-ID: CWE-264

Exploitation vector: Network

Exploit availability: Yes

Vulnerable software:
Adobe Acrobat
Client/Desktop applications / Office applications
Adobe Reader
Client/Desktop applications / Office applications

Vendor: Adobe

Description
The vulnerability allows a local attacker to obtain elevated privileges on vulnerable system.

The vulnerability exists due to insecure permissions on the NOS directory in getPlus Download Manager. By replacing the getPlus_HelperSvc.exe file, an attacker could exploit this vulnerability to gain SYSTEM privileges.

Successful exploitation of this vulnerability may allow a local user to obtain full access to vulnerable system.

Mitigation
Update Adobe Reader for Windows, Macintosh, and UNIX to version 9.2:
http://www.adobe.com/support/downloads/product.jsp?product=10&platform=Windows
http://www.adobe.com/support/downloads/product.jsp?product=10&platform=Macintosh
http://www.adobe.com/support/downloads/product.jsp?product=10&platform=Unix
Update Adobe Acrobat for Windows and Macintosh to version 9.2:
http://www.adobe.com/support/downloads/product.jsp?product=1&platform=Windows
http://www.adobe.com/support/downloads/product.jsp?product=158&platform=Windows
http://www.adobe.com/support/downloads/product.jsp?product=112&platform=Windows
http://www.adobe.com/support/downloads/product.jsp?product=1&platform=Macintosh

Vulnerable software versions

Adobe Acrobat: 7.0 - 7.0.9, 8.0 - 8.3.1, 9.0 - 9.1.3

Adobe Reader: 8.0 - 8.3.1, 7.0 - 7.0.9, 9.0 - 9.1.3

External links
http://www.adobe.com/support/security/bulletins/apsb09-15.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.


Latest bulletins with this vulnerability


openSUSE update for flash-player
Multiple vulnerabilities in Adobe Reader and Adobe Acrobat