Required CVE Record Information
Description
The customDictionaryOpen spell method in the JavaScript API in Adobe Reader 9.1, 8.1.4, 7.1.1, and earlier on Linux and UNIX allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a PDF file that triggers a call to this method with a long string in the second argument.
References 26 Total
- securityfocus.com: 34740 vdb-entry
- http://blogs.adobe.com/psirt/2009/05/adobe_reader_issue_update.html
- http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=926953
- secunia.com: 35734 third-party-advisory
- us-cert.gov: TA09-133B third-party-advisory
- exploit-db.com: 8570 exploit
- vupen.com: ADV-2009-1189 vdb-entry
- exchange.xforce.ibmcloud.com: reader-spellcustom-code-execution(50146) vdb-entry
- http://www.adobe.com/support/security/bulletins/apsb09-06.html
- lists.opensuse.org: SUSE-SR:2009:011 vendor-advisory
- http://blogs.adobe.com/psirt/2009/04/update_on_adobe_reader_issue.html
- http://packetstorm.linuxsecurity.com/0904-exploits/spell.txt
- osvdb.org: 54129 vdb-entry
- security.gentoo.org: GLSA-200907-06 vendor-advisory
- sunsolve.sun.com: 259028 vendor-advisory
- lists.opensuse.org: SUSE-SA:2009:027 vendor-advisory
- secunia.com: 34924 third-party-advisory
- vupen.com: ADV-2009-1317 vdb-entry
- securitytracker.com: 1022139 vdb-entry
- secunia.com: 35358 third-party-advisory
- secunia.com: 35055 third-party-advisory
- kb.cert.org: VU#970180 third-party-advisory
- secunia.com: 35416 third-party-advisory
- redhat.com: RHSA-2009:0478 vendor-advisory
- secunia.com: 35096 third-party-advisory
- secunia.com: 35152 third-party-advisory
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 26 Total
- securityfocus.com: 34740 vdb-entryx_transferred
- http://blogs.adobe.com/psirt/2009/05/adobe_reader_issue_update.html x_transferred
- http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=926953 x_transferred
- secunia.com: 35734 third-party-advisoryx_transferred
- us-cert.gov: TA09-133B third-party-advisoryx_transferred
- exploit-db.com: 8570 exploitx_transferred
- vupen.com: ADV-2009-1189 vdb-entryx_transferred
- exchange.xforce.ibmcloud.com: reader-spellcustom-code-execution(50146) vdb-entryx_transferred
- http://www.adobe.com/support/security/bulletins/apsb09-06.html x_transferred
- lists.opensuse.org: SUSE-SR:2009:011 vendor-advisoryx_transferred
- http://blogs.adobe.com/psirt/2009/04/update_on_adobe_reader_issue.html x_transferred
- http://packetstorm.linuxsecurity.com/0904-exploits/spell.txt x_transferred
- osvdb.org: 54129 vdb-entryx_transferred
- security.gentoo.org: GLSA-200907-06 vendor-advisoryx_transferred
- sunsolve.sun.com: 259028 vendor-advisoryx_transferred
- lists.opensuse.org: SUSE-SA:2009:027 vendor-advisoryx_transferred
- secunia.com: 34924 third-party-advisoryx_transferred
- vupen.com: ADV-2009-1317 vdb-entryx_transferred
- securitytracker.com: 1022139 vdb-entryx_transferred
- secunia.com: 35358 third-party-advisoryx_transferred
- secunia.com: 35055 third-party-advisoryx_transferred
- kb.cert.org: VU#970180 third-party-advisoryx_transferred
- secunia.com: 35416 third-party-advisoryx_transferred
- redhat.com: RHSA-2009:0478 vendor-advisoryx_transferred
- secunia.com: 35096 third-party-advisoryx_transferred
- secunia.com: 35152 third-party-advisoryx_transferred