Check Point Advisories

Security Best Practice: Protect Yourself against Adobe Multiple Products JBIG2 Stream Buffer Overflow Vulnerability

Check Point Reference: SBP-2009-04
Date Published: 24 Feb 2009
Severity: High
Last Updated: Thursday 01 January, 2009
Source: Secunia Advisory: SA33901
Industry Reference:CVE-2009-0658
Protection Provided by:
Who is Vulnerable? Adobe Systems Acrobat 9 and prior
Adobe Systems Adobe Reader 9 and prior
Vulnerability Description A buffer overflow vulnerability has been reported in Adobe Reader and Acrobat when handling PDF files that contain a JBIG2 stream. A remote attacker can exploit this vulnerability to execute arbitrary code on an affected system via a specially crafted PDF file. Portable Document Format (PDF) is an open file format created by Adobe Systems. It is used for representing two-dimensional documents in a device and resolution independent fixed-layout document format. Successful exploitation allows execution of arbitrary code on a vulnerable system.
Vulnerability DetailsThe vulnerability is due to errors in Adobe products that fail to sufficiently validate input when processing embedded JBIG2 streams within PDF documents. A remote attacker could trigger this flaw via a specially crafted PDF file. Successful exploitation allows execution of arbitrary code once a malicious PDF file is loaded on a vulnerable system.

Protection Overview

×
  Feedback
This website uses cookies for its functionality and for analytics and marketing purposes. By continuing to use this website, you agree to the use of cookies. For more information, please read our Cookies Notice.
OK