HTTP: Adobe Acrobat Reader U3D CLODMeshDeclaration Memory Corruption
This signature detects attempts to exploit a known vulnerability against Adobe Acrobat and Reader. A successful attack can lead to arbitrary code execution.
Extended Description
Adobe Reader and Acrobat are prone to a buffer-overflow vulnerability because the applications fail to perform adequate boundary-checks on user-supplied data. Successfully exploiting this issue may allow attackers to execute arbitrary code within the context of the affected applications. Failed exploit attempts will result in a denial-of-service condition. This issue affects versions *prior to* Reader and Acrobat 7.1.4, 8.1.7, and 9.2. This issue was previously covered in BID 36638 (Adobe Reader and Acrobat October 2009 Multiple Remote Vulnerabilities), but has been given its own record to better document it.
Affected Products
Red_hat enterprise_linux_as_extras
Short Name
HTTP:STC:ADOBE:U3D-CLODMESH-MC
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
Acrobat Adobe CLODMeshDeclaration CVE-2009-2994 Corruption Memory Reader U3D bid:36689
Release Date
07/25/2011
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Unknown
Vendors
Red_hat
Sun
Adobe
Suse
Gentoo
CVSS Score
9.3