Preemptive Protection against Adobe Reader and Acrobat Mozilla plug-in Remote Code Execution Vulnerability (APSB09-15)
| Check Point Reference: | CPAI-2009-260 | |
| Date Published: | ||
| Preemptive Since: | ||
| Severity: | ||
| Source: | Adobe Security Bulletin - APSB09-15 | |
| Industry Reference(s): | CVE-2009-2991 | |
| Protection Provided by: |
Security Gateway
|
|
| Who is Vulnerable? Adobe Reader 9.1.3 and earlier versions for Windows, Macintosh, and UNIX Adobe Acrobat 9.1.3 and earlier versions for Windows and Macintosh | ||
| Vulnerability Description A remote code execution vulnerability has been discovered in Adobe Reader and Acrobat. A remote attacker could implant a shell code on a target system using heap spray exploitation method. Heap spraying is a technique for exploiting vulnerabilities in internet browsers (e.g. Internet Explorer, Firefox). |
||
|
Update/Patch Available Update patches: Adobe Security Bulletin - APSB09-15 |
|
|
Vulnerability Details The vulnerability is due to the Mozilla plug-in of the Adobe Reader and Acrobat. Successful exploitation of this issue will create a denial of service condition, causing the application to become non-responsive, and may allow execution of arbitrary code on a vulnerable system. |
Protection Overview
This protection will detect and block a large number of known shell code exploits.
Users are protected against this vulnerability if the protection for blocking known shell codes in the Protection section of SBP-2006-12 has been applied.
To configure the defense, select your product from the list below and follow the related protection steps.