Message-ID: <8F42FCAB322F4C9B9ED2A8657DD24E49@unknown>
Date: Fri, 16 Oct 2009 14:20:44 +0200
From: "VUPEN Security Research" <advisories@...en.com>
To: <bugtraq@...urityfocus.com>
Subject: VUPEN Security - Adobe Acrobat and Reader U3D Filter Code Execution Vulnerabilities

VUPEN Vulnerability Research - Adobe Acrobat and Reader U3D Filter Code 
Execution Vulnerabilities


I. BACKGROUND
---------------------

Adobe Acrobat is a family of computer programs developed by Adobe
Systems, designed to view, create, manipulate and manage files in
Adobe's Portable Document Format (PDF).


II. DESCRIPTION
---------------------

VUPEN Vulnerability Research Team discovered three critical
vulnerabilities affecting Adobe Acrobat and Reader.

These vulnerabilities are caused by memory corruption errors within
the U3D filter when processing malformed data in a PDF file,
which could allow attackers to execute arbitrary code by tricking
a user into opening a specially crafted PDF document.

VUPEN-SR-2009-11 - Adobe U3D Pointer Overwrite Vulnerability
VUPEN-SR-2009-10 - Adobe U3D Uninitialized Pointer Vulnerability
VUPEN-SR-2009-09 - Adobe U3D Heap Corruption Vulnerability


III. AFFECTED PRODUCTS
--------------------------------

Adobe Reader version 9.1.3 and prior
Adobe Reader version 8.1.6 and prior
Adobe Reader version 7.1.3 and prior
Adobe Acrobat version 9.1.3 and prior
Adobe Acrobat version 8.1.6 and prior
Adobe Acrobat version 7.1.3 and prior


IV. Exploits - PoCs & Binary Analysis
--------------------------------------

Fully functional code execution exploits have been developed by
VUPEN Security and are available with in-depth binary analysis
of the vulnerabilities through the VUPEN Exploits & PoCs Service.

http://www.vupen.com/exploits


V. SOLUTION
----------------

Upgrade to Adobe Acrobat and Reader versions 9.2, 8.1.7, or 7.1.4:
http://www.adobe.com/support/security/bulletins/apsb09-07.html
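
As an added example (not VUPEN's or Adobe's code), the Python script below
turns sections II, III and V into two triage checks a defender can run: it
decides whether an installed Reader/Acrobat build is below the fixed version
on its branch, and it flags PDF files that declare a U3D 3D stream, i.e. the
input that reaches the U3D filter named in the description. It assumes that
the fixed versions are exactly those listed above (9.2, 8.1.7, 7.1.4) and that
every earlier build on the same major branch is affected; that U3D content is
declared with the PDF keys /Subtype /U3D or referenced through /3DD in a 3D
annotation (ISO 32000-1, 3D artwork); and that object streams hiding such
dictionaries are FlateDecode (zlib) compressed. The sample PDFs are
constructed fragments, not real documents.

```python
"""Triage helpers for the Adobe Acrobat/Reader U3D advisory (added example).

Assumptions (not stated by the advisory itself):
  - FIXED holds the first non-affected version per major branch, taken from
    section V; anything earlier on the same branch is treated as affected.
  - A U3D 3D stream is declared via /Subtype /U3D or referenced via /3DD.
  - Object streams (/Type /ObjStm) are FlateDecode compressed; other filters
    or damaged data make the file's contents partly invisible to this scan.
"""
import re
import zlib

# First fixed version per major branch, from section V of the advisory.
FIXED = {9: (9, 2), 8: (8, 1, 7), 7: (7, 1, 4)}


def parse_version(text):
    """'9.1.3' -> (9, 1, 3); tuples compare component-wise in Python."""
    return tuple(int(part) for part in text.strip().split("."))


def is_affected(version_text):
    """True if below the fixed build on its branch, False if at/above it,
    None if the branch is not covered by the advisory."""
    version = parse_version(version_text)
    fixed = FIXED.get(version[0])
    if fixed is None:
        return None
    return version < fixed


# Markers that a PDF carries U3D 3D artwork (assumed keys, see docstring).
U3D_MARKERS = (
    re.compile(rb"/Subtype\s*/U3D\b"),  # the 3D stream dictionary itself
    re.compile(rb"/3DD\b"),             # a 3D annotation pointing at one
)
# An object stream and its raw body; dictionaries inside it are invisible
# until the body is inflated.
OBJSTM_RE = re.compile(
    rb"/Type\s*/ObjStm.*?stream\r?\n(.*?)\nendstream", re.DOTALL)


def scan_pdf(data):
    """Return 'u3d' if a U3D stream is declared (in plain view or inside an
    object stream we could inflate), 'unknown' if some object stream could
    not be inflated so content may be hidden, else 'no-u3d'."""
    views = [data]
    unreadable = False
    for match in OBJSTM_RE.finditer(data):
        inflater = zlib.decompressobj()
        try:
            views.append(inflater.decompress(match.group(1)))
        except zlib.error:
            unreadable = True     # not zlib data: other filter or corrupt
            continue
        if not inflater.eof:
            unreadable = True     # truncated stream: partial view only
    for view in views:
        if any(marker.search(view) for marker in U3D_MARKERS):
            return "u3d"
    return "unknown" if unreadable else "no-u3d"


# --- constructed sample inputs (minimal fragments, not valid viewers' PDFs) ---

# 3D annotation and U3D stream written in plain view.
PLAIN_U3D = (
    b"%PDF-1.7\n"
    b"1 0 obj << /Type /Catalog /Pages 2 0 R >> endobj\n"
    b"5 0 obj << /Type /Annot /Subtype /3D /3DD 6 0 R /Rect [0 0 100 100] >> endobj\n"
    b"6 0 obj << /Type /3D /Subtype /U3D /Length 8 >> stream\nU3D-DATA\nendstream endobj\n"
    b"trailer << /Root 1 0 R >>\n%%EOF\n")

# Same annotation dictionary, but hidden inside a Flate-compressed object
# stream (constructed payload; a real ObjStm body also carries offsets).
_inner = b"5 0 obj << /Type /Annot /Subtype /3D /3DD 6 0 R >> endobj"
_comp = zlib.compress(_inner)
HIDDEN_U3D = (
    b"%PDF-1.7\n"
    b"7 0 obj << /Type /ObjStm /N 1 /First 0 /Filter /FlateDecode /Length "
    + str(len(_comp)).encode() + b" >> stream\n" + _comp + b"\nendstream endobj\n"
    b"trailer << /Root 1 0 R >>\n%%EOF\n")

# Object stream whose body is not zlib data: contents cannot be inspected.
BROKEN_OBJSTM = (
    b"%PDF-1.7\n"
    b"7 0 obj << /Type /ObjStm /N 1 /First 0 /Length 12 >> stream\n"
    b"not zlib data\nendstream endobj\n"
    b"trailer << /Root 1 0 R >>\n%%EOF\n")

# Ordinary document with no 3D content at all.
PLAIN_NO_3D = (
    b"%PDF-1.7\n"
    b"1 0 obj << /Type /Catalog /Pages 2 0 R >> endobj\n"
    b"trailer << /Root 1 0 R >>\n%%EOF\n")


if __name__ == "__main__":
    for v in ("9.1.3", "9.2", "8.1.6", "8.1.7", "7.1.4", "10.0.0"):
        print(v, "affected" if is_affected(v) else is_affected(v))
    for name, blob in (("plain", PLAIN_U3D), ("hidden", HIDDEN_U3D),
                       ("broken", BROKEN_OBJSTM), ("no-3d", PLAIN_NO_3D)):
        print(name, scan_pdf(blob))
```

The scan is a triage heuristic, not a parser: a hit means the file exercises
the U3D code path and deserves a look on an unpatched host, while "unknown"
means the file contains object streams this script could not inflate, so a
full PDF parser is needed before calling it clean.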


VI. CREDIT
--------------

The vulnerabilities were discovered by Nicolas JOLY of VUPEN Security.


VII. REFERENCES
----------------------

http://www.vupen.com/english/research.php
http://www.adobe.com/support/security/bulletins/apsb09-15.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3458
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2997
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2998


VIII. DISCLOSURE TIMELINE
-----------------------------------

2009-07-17 - Vendor notified
2009-07-18 - Vendor response
2009-10-07 - Status update received
2009-10-13 - Coordinated public disclosure

