HTTP: Adobe Acrobat PDF Reader JBIG2Decode Overflow
This signature detects attempts to exploit a known vulnerability in Adobe Acrobat. An attacker can create a malicious Web site with Web pages containing dangerous PDF documents, which if accessed by a victim, allows the attacker to gain control of the victim's computer.
Extended Description
Adobe Acrobat and Reader are prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code with the privileges of the user running the application or crash the application, denying service to legitimate users. The issue affects Reader and Acrobat 9, 8.1.3 and prior, and 7. UPDATE (February 24, 2009): Further reports suggest that this issue affects the vulnerable applications running on Apple Mac OS X and various Linux-based operating systems.
Affected Products
Nortel_networks self-service_speech_server,Adobe acrobat_professional
References
BugTraq: 33751
CVE: CVE-2009-0658
URL: http://www.kb.cert.org/vuls/id/905281 http://www.adobe.com/support/security/advisories/apsa09-01.html
Short Name
HTTP:STC:ADOBE:PDF-JBIG2DECODE
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
Acrobat Adobe CVE-2009-0658 JBIG2Decode Overflow PDF Reader bid:33751
Release Date
02/24/2009
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3725
False Positive
Unknown
Vendors
Adobe
Gentoo
Sun
Turbolinux
Nortel_networks
Suse
CVSS Score
9.3