Check Point Advisories

Preemptive Protection against Adobe Reader and Acrobat Mozilla plug-in Remote Code Execution Vulnerability (APSB09-15)

Check Point Reference: CPAI-2009-260
Date Published: 14 Oct 2009
Severity: Critical
Last Updated: Thursday 01 January, 2009
Source: Adobe Security Bulletin - APSB09-15
Industry Reference:CVE-2009-2991
Protection Provided by:
Who is Vulnerable? Adobe Reader 9.1.3 and earlier versions for Windows, Macintosh, and UNIX
Adobe Acrobat 9.1.3 and earlier versions for Windows and Macintosh
Vulnerability Description A remote code execution vulnerability has been discovered in Adobe Reader and Acrobat. A remote attacker could implant a shell code on a target system using heap spray exploitation method. Heap spraying is a technique for exploiting vulnerabilities in internet browsers (e.g. Internet Explorer, Firefox).
Update/Patch AvaliableUpdate patches:
Adobe Security Bulletin - APSB09-15
Vulnerability DetailsThe vulnerability is due to the Mozilla plug-in of the Adobe Reader and Acrobat. Successful exploitation of this issue will create a denial of service condition, causing the application to become non-responsive, and may allow execution of arbitrary code on a vulnerable system.

Protection Overview

×
  Feedback
This website uses cookies for its functionality and for analytics and marketing purposes. By continuing to use this website, you agree to the use of cookies. For more information, please read our Cookies Notice.
OK