Gentoo Archives: gentoo-announce

From: Robert Buchholz <rbu@g.o>
To: gentoo-announce@l.g.o
Cc: bugtraq@×××××××××××××.com, full-disclosure@××××××××××××××.uk, security-alerts@×××××××××××××.com
Subject: [gentoo-announce] [ GLSA 200907-06 ] Adobe Reader: User-assisted execution of arbitrary code
Date: Sun, 12 Jul 2009 17:48:42
Message-Id: 200907121939.38664.rbu@gentoo.org

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory                           GLSA 200907-06
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                            http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

  Severity: Normal
     Title: Adobe Reader: User-assisted execution of arbitrary code
      Date: July 12, 2009
      Bugs: #267846, #273908
        ID: 200907-06

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Adobe Reader is vulnerable to remote code execution via crafted PDF
files.

Background
==========

Adobe Reader is a PDF reader released by Adobe.

Affected packages
=================

    -------------------------------------------------------------------
     Package            /  Vulnerable  /                    Unaffected
    -------------------------------------------------------------------
  1  app-text/acroread       < 8.1.6                          >= 8.1.6

Description
===========

Multiple vulnerabilities have been reported in Adobe Reader:

  * Alin Rad Pop of Secunia Research reported a heap-based buffer
    overflow in the JBIG2 filter (CVE-2009-0198).

  * Mark Dowd of the IBM Internet Security Systems X-Force and Nicolas
    Joly of VUPEN Security reported multiple heap-based buffer overflows
    in the JBIG2 filter (CVE-2009-0509, CVE-2009-0510, CVE-2009-0511,
    CVE-2009-0512, CVE-2009-0888, CVE-2009-0889).

  * Arr1val reported that multiple methods in the JavaScript API might
    lead to memory corruption when called with crafted arguments
    (CVE-2009-1492, CVE-2009-1493).

  * An anonymous researcher reported a stack-based buffer overflow
    related to U3D model files with a crafted extension block
    (CVE-2009-1855).

  * Jun Mao and Ryan Smith of iDefense Labs reported an integer
    overflow related to the FlateDecode filter, which triggers a
    heap-based buffer overflow (CVE-2009-1856).

  * Haifei Li of Fortinet's FortiGuard Global Security Research Team
    reported a memory corruption vulnerability related to TrueType fonts
    (CVE-2009-1857).

  * The Apple Product Security Team reported a memory corruption
    vulnerability in the JBIG2 filter (CVE-2009-1858).

  * Matthew Watchinski of Sourcefire VRT reported an unspecified memory
    corruption (CVE-2009-1859).

  * Will Dormann of CERT reported multiple heap-based buffer overflows
    when processing JPX (aka JPEG2000) streams that trigger heap memory
    corruption (CVE-2009-1861).

  * Multiple unspecified vulnerabilities have been discovered
    (CVE-2009-2028).

Impact
======

A remote attacker could entice a user to open a specially crafted
document, possibly resulting in the execution of arbitrary code with
the privileges of the user running the application.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All Adobe Reader users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=app-text/acroread-8.1.6"
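
Added example (not part of the GLSA or of Gentoo's own tooling): a POSIX
shell check that applies the advisory's affected range (< 8.1.6 vulnerable,
>= 8.1.6 unaffected) to the app-text/acroread entries of a Portage
installed-package database. The function names and the /var/db/pkg default
are assumptions of this example.

```shell
#!/bin/sh
# Added example, not part of the GLSA. Classifies installed
# app-text/acroread versions against the advisory's fixed version.

FIXED=8.1.6   # from the advisory: < 8.1.6 vulnerable, >= 8.1.6 unaffected

# ver_lt A B: succeed if dotted numeric version A is lower than B.
ver_lt() {
    a=$1 b=$2
    while [ -n "$a" ] || [ -n "$b" ]; do
        x=${a%%.*} y=${b%%.*}
        case $a in *.*) a=${a#*.} ;; *) a= ;; esac
        case $b in *.*) b=${b#*.} ;; *) b= ;; esac
        [ "${x:-0}" -lt "${y:-0}" ] && return 0
        [ "${x:-0}" -gt "${y:-0}" ] && return 1
    done
    return 1   # equal versions are not "lower"
}

# acroread_status PV: print vulnerable, unaffected or unknown for a Portage
# version such as 8.1.5 or 8.1.6-r1.
acroread_status() {
    v=${1%-r[0-9]*}   # an ebuild revision (-rN) never lowers the version
    case $v in
        ''|*[!0-9.]*|.*|*.|*..*) echo unknown; return 0 ;;  # e.g. _p suffixes
    esac
    if ver_lt "$v" "$FIXED"; then echo vulnerable; else echo unaffected; fi
}

# scan_vdb [ROOT]: report every installed acroread under a Portage package
# database (assumed default /var/db/pkg); return 1 unless all are unaffected.
scan_vdb() {
    root=${1:-/var/db/pkg} rc=0
    for d in "$root"/app-text/acroread-[0-9]*; do
        [ -d "$d" ] || continue
        pv=${d##*/acroread-}
        st=$(acroread_status "$pv")
        printf 'app-text/acroread-%s: %s\n' "$pv" "$st"
        [ "$st" = unaffected ] || rc=1
    done
    return "$rc"
}

# Run a scan only when a database root is given on the command line.
if [ "$#" -gt 0 ]; then scan_vdb "$1"; fi
```

Passing a database root as the first argument runs the scan. A version
reported as unknown carries a suffix this check does not parse and needs
manual review.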

References
==========

  [ 1 ] CVE-2009-0198
        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0198
  [ 2 ] CVE-2009-0509
        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0509
  [ 3 ] CVE-2009-0510
        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0510
  [ 4 ] CVE-2009-0511
        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0511
  [ 5 ] CVE-2009-0512
        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0512
  [ 6 ] CVE-2009-0888
        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0888
  [ 7 ] CVE-2009-0889
        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0889
  [ 8 ] CVE-2009-1492
        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1492
  [ 9 ] CVE-2009-1493
        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1493
  [ 10 ] CVE-2009-1855
         http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1855
  [ 11 ] CVE-2009-1856
         http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1856
  [ 12 ] CVE-2009-1857
         http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1857
  [ 13 ] CVE-2009-1858
         http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1858
  [ 14 ] CVE-2009-1859
         http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1859
  [ 15 ] CVE-2009-1861
         http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1861
  [ 16 ] CVE-2009-2028
         http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2028

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

  http://security.gentoo.org/glsa/glsa-200907-06.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@g.o or alternatively, you may file a bug at
http://bugs.gentoo.org.

License
=======

Copyright 2009 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5
