HTTP: Adobe MIMETYPE in Embed/Object HTML Tag
This signature detects attempts to exploit a known vulnerability in Adobe Acrobat and Adobe Reader FireFox Plugin. An attacker can create a malicious Web site containing dangerous HTML Embed or Object tags, which if accessed by a victim, allows the attacker to gain control of the victim's client browser.
Extended Description
Adobe Reader and Acrobat are prone to a remote code-execution vulnerability because they fail to properly handle certain COM objects. An attacker can exploit this issue by supplying a malicious PDF file or webpage. Successful exploits may allow the attacker to execute arbitrary code in the context of a user running the affected application. Failed attempts will likely result in denial-of-service conditions. This issue was previously covered in BID 36638 (Adobe Reader and Acrobat October 2009 Multiple Remote Vulnerabilities), but has been given its own record to better document it.
Affected Products
Red_hat enterprise_linux_as_extras
Short Name
HTTP:STC:ADOBE:EMBED-OBJ-MIME
Severity
Major
Recommended
False
Recommended Action
None
Category
HTTP
Keywords
Adobe CVE-2009-2983 Embed/Object HTML MIMETYPE Tag bid:36668 in
Release Date
10/27/2009
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Frequently
Vendors
Red_hat
Sun
Adobe
Suse
Gentoo
CVSS Score
9.3