CVE-2009-4324

Use-after-free vulnerability in the Doc.media.newPlayer method in Multimedia.api in Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code via a crafted PDF file using ZLib compressed streams, as exploited in the wild in December 2009.

CVSS v3.0 7.8 HIGH
CVSS v2.0 9.3 HIGH

7.8^/10

CVSS v3.0 : HIGH

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

9.3^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:M/Au:N/C:C/I:C/A:C

Exploitability : 8.6 / Impact : 10.0

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://blogs.adobe.com/psirt/2009/12/new_adobe_reader_and_acrobat_v.html	Broken Link Vendor Advisory
http://contagiodump.blogspot.com/2009/12/virustotal-httpwww.html	Exploit Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00009.html	Mailing List Third Party Advisory
http://osvdb.org/60980	Broken Link
http://secunia.com/advisories/37690	Broken Link Vendor Advisory
http://secunia.com/advisories/38138	Broken Link Vendor Advisory
http://secunia.com/advisories/38215	Broken Link Vendor Advisory
http://www.adobe.com/support/security/advisories/apsa09-07.html	Vendor Advisory
http://www.adobe.com/support/security/bulletins/apsb10-02.html	Not Applicable
http://www.kb.cert.org/vuls/id/508357	Third Party Advisory US Government Resource
http://www.metasploit.com/redmine/projects/framework/repository/revisions/7881/entry/modules/exploits/windows/fileformat/adobe_media_newplayer.rb	Broken Link
http://www.redhat.com/support/errata/RHSA-2010-0060.html	Broken Link
http://www.securityfocus.com/bid/37331	Broken Link Third Party Advisory VDB Entry
http://www.shadowserver.org/wiki/pmwiki.php/Calendar/20091214	Broken Link
http://www.symantec.com/connect/blogs/zero-day-xmas-present	Broken Link
http://www.us-cert.gov/cas/techalerts/TA10-013A.html	Third Party Advisory US Government Resource
http://www.vupen.com/english/advisories/2009/3518	Broken Link Vendor Advisory
http://www.vupen.com/english/advisories/2010/0103	Broken Link
https://bugzilla.redhat.com/show_bug.cgi?id=547799	Issue Tracking
https://exchange.xforce.ibmcloud.com/vulnerabilities/54747	Third Party Advisory VDB Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6795	Broken Link
http://blogs.adobe.com/psirt/2009/12/new_adobe_reader_and_acrobat_v.html	Broken Link Vendor Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6795	Broken Link
https://exchange.xforce.ibmcloud.com/vulnerabilities/54747	Third Party Advisory VDB Entry
https://bugzilla.redhat.com/show_bug.cgi?id=547799	Issue Tracking
http://www.vupen.com/english/advisories/2010/0103	Broken Link
http://www.vupen.com/english/advisories/2009/3518	Broken Link Vendor Advisory
http://www.us-cert.gov/cas/techalerts/TA10-013A.html	Third Party Advisory US Government Resource
http://www.symantec.com/connect/blogs/zero-day-xmas-present	Broken Link
http://www.shadowserver.org/wiki/pmwiki.php/Calendar/20091214	Broken Link
http://www.securityfocus.com/bid/37331	Broken Link Third Party Advisory VDB Entry
http://www.redhat.com/support/errata/RHSA-2010-0060.html	Broken Link
http://www.metasploit.com/redmine/projects/framework/repository/revisions/7881/entry/modules/exploits/windows/fileformat/adobe_media_newplayer.rb	Broken Link
http://www.kb.cert.org/vuls/id/508357	Third Party Advisory US Government Resource
http://www.adobe.com/support/security/bulletins/apsb10-02.html	Not Applicable
http://www.adobe.com/support/security/advisories/apsa09-07.html	Vendor Advisory
http://secunia.com/advisories/38215	Broken Link Vendor Advisory
http://secunia.com/advisories/38138	Broken Link Vendor Advisory
http://secunia.com/advisories/37690	Broken Link Vendor Advisory
http://osvdb.org/60980	Broken Link
http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00009.html	Mailing List Third Party Advisory
http://contagiodump.blogspot.com/2009/12/virustotal-httpwww.html	Exploit Third Party Advisory

Configurations

Configuration 1 (hide)

AND

OR	cpe:2.3:a:adobe:acrobat::::::::
	cpe:2.3:a:adobe:acrobat::::::::
	cpe:2.3:a:adobe:acrobat_reader::::::::
	cpe:2.3:a:adobe:acrobat_reader::::::::

OR	cpe:2.3:o:apple:mac_os_x:-:::::::*
	cpe:2.3:o:microsoft:windows:-:::::::*

Configuration 2 (hide)

OR	cpe:2.3:o:opensuse:opensuse:11.1:::::::*
	cpe:2.3:o:opensuse:opensuse:11.2:::::::*
	cpe:2.3:a:suse:linux_enterprise_debuginfo:11:-::::::
	cpe:2.3:o:suse:linux_enterprise:10.0:sp3::::::
	cpe:2.3:o:suse:linux_enterprise:10.0:sp2::::::

History

19 Dec 2024, 18:07

28 Jun 2024, 14:20

Information

Published : 2009-12-15 02:30

Updated : 2025-02-13 17:42

NVD link : CVE-2009-4324

Mitre link : CVE-2009-4324

JSON object : View

Products Affected

adobe

acrobat
acrobat_reader

apple

mac_os_x

suse

linux_enterprise_debuginfo
linux_enterprise

opensuse

opensuse

microsoft

windows

CWE

CWE-416

Use After Free

Type	Values Removed	Values Added
CVSS	v2 : ~~9.3~~ v3 : ~~unknown~~	v2 : 9.3 v3 : 7.8
CWE	~~CWE-399~~	CWE-416
First Time		Apple Opensuse opensuse Apple mac Os X Opensuse Microsoft Microsoft windows Suse linux Enterprise Suse Suse linux Enterprise Debuginfo
CPE	cpe:2.3:a:adobe:acrobat_reader:5.0.7:::::::* cpe:2.3:a:adobe:acrobat_reader:9.1:::::::* cpe:2.3:a:adobe:acrobat_reader:7.0.9:::::::* cpe:2.3:a:adobe:acrobat_reader:4.5:::::::* cpe:2.3:a:adobe:acrobat:8.1.1:::::::* cpe:2.3:a:adobe:acrobat_reader:6.0.1:::::::* cpe:2.3:a:adobe:acrobat_reader:8.1:::::::* cpe:2.3:a:adobe:acrobat_reader:7.0.1:::::::* cpe:2.3:a:adobe:acrobat_reader:7.0.4:::::::* cpe:2.3:a:adobe:acrobat:9.1:::::::* cpe:2.3:a:adobe:acrobat:7.0.1:::::::* cpe:2.3:a:adobe:acrobat:6.0.4:::::::* cpe:2.3:a:adobe:acrobat:6.0.1:::::::* cpe:2.3:a:adobe:acrobat_reader:9.0:::::::* cpe:2.3:a:adobe:acrobat_reader:6.0.2:::::::* cpe:2.3:a:adobe:acrobat:6.0.3:::::::* cpe:2.3:a:adobe:acrobat:8.0:::::::* cpe:2.3:a:adobe:acrobat_reader:5.0.11:::::::* cpe:2.3:a:adobe:acrobat_reader:3.0:::::::* cpe:2.3:a:adobe:acrobat_reader:8.1.1:::::::* cpe:2.3:a:adobe:acrobat:7.0.7:::::::* cpe:2.3:a:adobe:acrobat:7.0:::::::* cpe:2.3:a:adobe:acrobat_reader:4.0.5:::::::* cpe:2.3:a:adobe:acrobat:7.0.9:::::::* cpe:2.3:a:adobe:acrobat_reader:4.0.5a:::::::* cpe:2.3:a:adobe:acrobat_reader:7.0:::::::* cpe:2.3:a:adobe:acrobat_reader:5.0.6:::::::* cpe:2.3:a:adobe:acrobat_reader:6.0.4:::::::* cpe:2.3:a:adobe:acrobat:9.0:::::::* cpe:2.3:a:adobe:acrobat_reader:7.0.6:::::::* cpe:2.3:a:adobe:acrobat:6.0.5:::::::* cpe:2.3:a:adobe:acrobat:7.0.3:::::::* cpe:2.3:a:adobe:acrobat_reader:6.0.3:::::::* cpe:2.3:a:adobe:acrobat_reader:4.0.5c:::::::* cpe:2.3:a:adobe:acrobat_reader:5.0.9:::::::* cpe:2.3:a:adobe:acrobat_reader:6.0:::::::* cpe:2.3:a:adobe:acrobat:6.0:::::::* cpe:2.3:a:adobe:acrobat:7.0.2:::::::* cpe:2.3:a:adobe:acrobat_reader:4.0:::::::* cpe:2.3:a:adobe:acrobat_reader:7.0.8:::::::* cpe:2.3:a:adobe:acrobat_reader:8.0:::::::* cpe:2.3:a:adobe:acrobat:7.0.4:::::::* cpe:2.3:a:adobe:acrobat_reader:8.1.2:::::::* cpe:2.3:a:adobe:acrobat_reader:7.0.7:::::::* cpe:2.3:a:adobe:acrobat:7.0.8:::::::* cpe:2.3:a:adobe:acrobat_reader:6.0.5:::::::* cpe:2.3:a:adobe:acrobat:6.0.2:::::::* cpe:2.3:a:adobe:acrobat:7.0.6:::::::* cpe:2.3:a:adobe:acrobat:8.1.2:::::::* cpe:2.3:a:adobe:acrobat_reader:5.0.10:::::::* cpe:2.3:a:adobe:acrobat_reader:5.1:::::::* cpe:2.3:a:adobe:acrobat_reader:5.0:::::::* cpe:2.3:a:adobe:acrobat_reader:5.0.5:::::::* cpe:2.3:a:adobe:acrobat_reader:7.0.3:::::::* cpe:2.3:a:adobe:acrobat_reader:7.0.2:::::::* cpe:2.3:a:adobe:acrobat:7.0.5:::::::* cpe:2.3:a:adobe:acrobat:8.1:::::::* cpe:2.3:a:adobe:acrobat_reader:7.0.5:::::::*	cpe:2.3:o:opensuse:opensuse:11.2:::::::* cpe:2.3:o:suse:linux_enterprise:10.0:sp3:::::: cpe:2.3:o:suse:linux_enterprise:10.0:sp2:::::: cpe:2.3:o:microsoft:windows:-:::::::* cpe:2.3:a:suse:linux_enterprise_debuginfo:11:-:::::: cpe:2.3:o:apple:mac_os_x:-:::::::* cpe:2.3:o:opensuse:opensuse:11.1:::::::*
References	~~(CONFIRM) http://www.adobe.com/support/security/bulletins/apsb10-02.html -~~	(CONFIRM) http://www.adobe.com/support/security/bulletins/apsb10-02.html - Not Applicable
References	~~(OVAL) https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6795 -~~	(OVAL) https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6795 - Broken Link
References	~~(SECUNIA) http://secunia.com/advisories/37690 - Vendor Advisory~~	(SECUNIA) http://secunia.com/advisories/37690 - Broken Link, Vendor Advisory
References	~~(SUSE) http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00009.html -~~	(SUSE) http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00009.html - Mailing List, Third Party Advisory
References	~~(REDHAT) http://www.redhat.com/support/errata/RHSA-2010-0060.html -~~	(REDHAT) http://www.redhat.com/support/errata/RHSA-2010-0060.html - Broken Link
References	~~(MISC) http://contagiodump.blogspot.com/2009/12/virustotal-httpwww.html -~~	(MISC) http://contagiodump.blogspot.com/2009/12/virustotal-httpwww.html - Exploit, Third Party Advisory
References	~~(MISC) http://www.metasploit.com/redmine/projects/framework/repository/revisions/7881/entry/modules/exploits/windows/fileformat/adobe_media_newplayer.rb -~~	(MISC) http://www.metasploit.com/redmine/projects/framework/repository/revisions/7881/entry/modules/exploits/windows/fileformat/adobe_media_newplayer.rb - Broken Link
References	~~(CONFIRM) https://bugzilla.redhat.com/show_bug.cgi?id=547799 -~~	(CONFIRM) https://bugzilla.redhat.com/show_bug.cgi?id=547799 - Issue Tracking
References	~~(CERT-VN) http://www.kb.cert.org/vuls/id/508357 - US Government Resource~~	(CERT-VN) http://www.kb.cert.org/vuls/id/508357 - Third Party Advisory, US Government Resource
References	~~(BID) http://www.securityfocus.com/bid/37331 -~~	(BID) http://www.securityfocus.com/bid/37331 - Broken Link, Third Party Advisory, VDB Entry
References	~~(MISC) http://www.symantec.com/connect/blogs/zero-day-xmas-present -~~	(MISC) http://www.symantec.com/connect/blogs/zero-day-xmas-present - Broken Link
References	~~(MISC) http://blogs.adobe.com/psirt/2009/12/new_adobe_reader_and_acrobat_v.html - Vendor Advisory~~	(MISC) http://blogs.adobe.com/psirt/2009/12/new_adobe_reader_and_acrobat_v.html - Broken Link, Vendor Advisory
References	~~(CERT) http://www.us-cert.gov/cas/techalerts/TA10-013A.html - US Government Resource~~	(CERT) http://www.us-cert.gov/cas/techalerts/TA10-013A.html - Third Party Advisory, US Government Resource
References	~~(VUPEN) http://www.vupen.com/english/advisories/2010/0103 -~~	(VUPEN) http://www.vupen.com/english/advisories/2010/0103 - Broken Link
References	~~(OSVDB) http://osvdb.org/60980 -~~	(OSVDB) http://osvdb.org/60980 - Broken Link
References	~~(XF) https://exchange.xforce.ibmcloud.com/vulnerabilities/54747 -~~	(XF) https://exchange.xforce.ibmcloud.com/vulnerabilities/54747 - Third Party Advisory, VDB Entry
References	~~(SECUNIA) http://secunia.com/advisories/38138 - Vendor Advisory~~	(SECUNIA) http://secunia.com/advisories/38138 - Broken Link, Vendor Advisory
References	~~(MISC) http://www.shadowserver.org/wiki/pmwiki.php/Calendar/20091214 -~~	(MISC) http://www.shadowserver.org/wiki/pmwiki.php/Calendar/20091214 - Broken Link
References	~~(SECUNIA) http://secunia.com/advisories/38215 - Vendor Advisory~~	(SECUNIA) http://secunia.com/advisories/38215 - Broken Link, Vendor Advisory
References	~~(VUPEN) http://www.vupen.com/english/advisories/2009/3518 - Vendor Advisory~~	(VUPEN) http://www.vupen.com/english/advisories/2009/3518 - Broken Link, Vendor Advisory

7.8 /10