DOE-CIRC TECHNICAL BULLETIN

T-159: Adobe Reader and Acrobat 9.1.1 and Prior Multiple Remote Vulnerabilities

[CVE-2009-0198, CVE-2009-0509, CVE-2009-0510, CVE-2009-0511, CVE-2009-0512, CVE-2009-0888, CVE-2009-0889, CVE-2009-1855, ]

June 11, 2009 13:00 GMT

PROBLEM: Adobe Reader and Acrobat are prone to multiple remote vulnerabilities.
PLATFORM:
  Adobe Acrobat Standard 7.0 through 7.0.8
  Adobe Acrobat Standard 7.1
  Adobe Acrobat Standard 7.1.1
  Adobe Acrobat Standard 8.0
  Adobe Acrobat Standard 8.1
  Adobe Acrobat Standard 8.1.1 through 8.1.4
  Adobe Acrobat Standard 9.1
  Adobe Acrobat Standard 9
  Adobe Acrobat Reader 7.0 through 7.0.9
  Adobe Acrobat Reader 7.1 through 7.1.2
  Adobe Acrobat Reader 8.0
  Adobe Acrobat Reader 8.1 through 8.1.5
  Adobe Acrobat Reader 8.1.2 Security Update
  Adobe Acrobat Reader 9
  Adobe Acrobat Reader 9.1
  Adobe Acrobat Reader 9.1.1
  Adobe Acrobat Professional 7.0 through 7.0.9
  Adobe Acrobat Professional 7.1 through 7.1.1
  Adobe Acrobat Professional 8.0
  Adobe Acrobat Professional 8.1 through 8.1.4
  Adobe Acrobat Professional 8.1.2 Security Update
ABSTRACT: Adobe has released a quarterly update which fixes multiple vulnerabilities. Users who open a specially altered PDF file could suffer information disclosure, denial of service or execution of arbitrary code (total compromise).

LINKS:  
  DOE-CIRC BULLETIN: http://www.doecirc.energy.gov/bulletins/t-159.shtml
  OTHER LINKS: Security Focus
http://www.securityfocus.com/bid/35274/info
CVE-2009-0198
http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0198
CVE-2009-0509
http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0509
CVE-2009-0510
http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0510
CVE-2009-0511
http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0511
CVE-2009-0512
http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0512
CVE-2009-0888
http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0888
CVE-2009-0889
http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0889
CVE-2009-1855
http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1855
CVE-2009-1856
http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1856
CVE-2009-1857
http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1857
CVE-2009-1858
http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1858
CVE-2009-1859
http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1859
CVE-2009-1861
http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1861

IMPACT ASSESSMENT: This risk is rated high. While no exploit is known in the wild at this time, Adobe applications are widely deployed, widely used and commonly attacked. Exploits based upon reverse engineering of the patches can be expected in the near future. Adobe rates this update as critical.

[***** Start CVE-2009-0198, CVE-2009-0509, CVE-2009-0510, CVE-2009-0511, CVE-2009-0512, CVE-2009-0888, CVE-2009-0889, CVE-2009-1855,  *****]

Discussion:
Adobe Reader and Acrobat are prone to multiple remote vulnerabilities. An attacker can exploit these issues to execute arbitrary code and to cause denial-of-service conditions by tricking a victim into opening a malicious file.

The following individual records have been created to better document some of these issues:

35298 Adobe Reader and Acrobat JBIG2 Filter Unspecified Memory Corruption Vulnerability
35295 Adobe Reader and Acrobat Multiple Unspecified Remote Heap Buffer Overflow Vulnerabilities
35294 Adobe Reader and Acrobat 9.1.1 and Prior Integer Overflow Vulnerability
35296 Adobe Reader and Acrobat 9.1.1 and Prior Unspecified Memory Corruption Vulnerability
35289 Adobe Reader and Acrobat Unspecified Memory Corruption Vulnerability
35293 Adobe Reader and Acrobat JBIG 'Halftone Region' Remote Heap Buffer Overflow Vulnerability
35291 Adobe Reader and Acrobat JBIG Halftone Region Grid Area Remote Heap Buffer Overflow Vulnerability
35282 Adobe Reader and Acrobat U3D Model Remote Stack Buffer Overflow Vulnerability
35299 Adobe Reader and Acrobat JBIG 'Pattern Dictionary' Remote Heap Buffer Overflow Vulnerability
35300 Adobe Reader and Acrobat JBIG Pattern Dictionary Allocation Remote Heap Buffer Overflow Vulnerability
35301 Adobe Reader and Acrobat JBIG 'Halftone Region' Remote Heap Buffer Overflow Vulnerability
35302 Adobe Reader and Acrobat Huffman-encoded JBIG2 Text Heap Overflow Vulnerability
35303 Adobe Reader and Acrobat JBIG Segments 'Text Region' Memory Corruption Vulnerability

Solution:
A vendor patch is now available.

Adobe Reader:

Adobe Reader users on Windows can find the appropriate update here:
http://www.adobe.com/support/downloads/product.jsp?product=10&platform=Windows
Adobe Reader users on Macintosh can find the appropriate update here:
http://www.adobe.com/support/downloads/product.jsp?product=10&platform=Macintosh

Acrobat:

Acrobat Standard and Pro users on Windows can find the appropriate update here:
http://www.adobe.com/support/downloads/product.jsp?product=1&platform=Windows
Acrobat Pro Extended users on Windows can find the appropriate update here:
http://www.adobe.com/support/downloads/product.jsp?product=158&platform=Windows
Acrobat 3D users on Windows can find the appropriate update here:
http://www.adobe.com/support/downloads/product.jsp?product=112&platform=Windows
Acrobat Pro users on Macintosh can find the appropriate update here:
http://www.adobe.com/support/downloads/product.jsp?product=1&platform=Macintosh
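
To decide which hosts need the update, the PLATFORM entries above can be parsed into version ranges and matched against a software inventory. The following is an added example, not code from DOE-CIRC or Adobe; the host names and inventory rows are constructed, and matching is literal against the entries the bulletin lists.

```python
import re

# Affected-version entries transcribed from the bulletin's PLATFORM field.
PLATFORM = (
    "Adobe Acrobat Standard 7.0 through 7.0.8 Adobe Acrobat Standard 7.1 "
    "Adobe Acrobat Standard 7.1.1 Adobe Acrobat Standard 8.0 "
    "Adobe Acrobat Standard 8.1 Adobe Acrobat Standard 8.1.1 through 8.1.4 "
    "Adobe Acrobat Standard 9.1 Adobe Acrobat Standard 9 "
    "Adobe Acrobat Reader 7.0 through 7.0.9 Adobe Acrobat Reader 7.1 through 7.1.2 "
    "Adobe Acrobat Reader 8.0 Adobe Acrobat Reader 8.1 through 8.1.5 "
    "Adobe Acrobat Reader 8.1.2 Security Update Adobe Acrobat Reader 9 "
    "Adobe Acrobat Reader 9.1 Adobe Acrobat Reader 9.1.1 "
    "Adobe Acrobat Professional 7.0 through 7.0.9 "
    "Adobe Acrobat Professional 7.1 through 7.1.1 Adobe Acrobat Professional 8.0 "
    "Adobe Acrobat Professional 8.1 through 8.1.4 "
    "Adobe Acrobat Professional 8.1.2 Security Update"
)
ENTRY = re.compile(r"Adobe Acrobat (Standard|Reader|Professional) "
                   r"(\d+(?:\.\d+)*)(?: through (\d+(?:\.\d+)*))?")

def vkey(version):
    """Numeric tuple with trailing zeros dropped: '9', '9.0', '9.0.0' -> (9,)."""
    parts = [int(p) for p in version.split(".")]
    while len(parts) > 1 and parts[-1] == 0:
        parts.pop()
    return tuple(parts)

def parse_ranges(text):
    """Return {product: [(low, high), ...]} with inclusive bounds."""
    ranges = {}
    for product, low, high in ENTRY.findall(text):
        ranges.setdefault(product, []).append((vkey(low), vkey(high or low)))
    return ranges

def is_listed(product, version, ranges):
    """True if the installed version falls inside a listed entry."""
    v = vkey(version)
    return any(lo <= v <= hi for lo, hi in ranges.get(product, []))

RANGES = parse_ranges(PLATFORM)
# Constructed inventory rows (host, product, version); not real data.
INVENTORY = [("ws-01", "Reader", "9.1.1"), ("ws-02", "Reader", "8.1.3"),
             ("ws-03", "Standard", "9.0"), ("ws-04", "Reader", "9.1.2"),
             ("ws-05", "Professional", "8.1.7")]

def triage(inventory):
    """Hosts whose product/version pair matches a bulletin entry."""
    return [h for h, p, ver in inventory if is_listed(p, ver, RANGES)]

if __name__ == "__main__":
    print(triage(INVENTORY))
```

A miss means only that the version is not among the listed entries: the list has gaps (for example, Acrobat Standard 7.0.9 is not listed), while the bulletin title covers 9.1.1 and prior, so unlisted older versions still warrant review.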

[***** End CVE-2009-0198, CVE-2009-0509, CVE-2009-0510, CVE-2009-0511, CVE-2009-0512, CVE-2009-0888, CVE-2009-0889, CVE-2009-1855,  *****]

DOE-CIRC services are available to DOE, DOE Contractors, and the NIH. DOE-CIRC can be contacted at:
    Voice:          866-941-2472
    E-mail:          doecirc@doecirc.energy.gov
    World Wide Web:  http://www.doecirc.energy.gov


UCRL-MI-119788