HTTP: Adobe Reader printSeps Memory Corruption
This signature detects attempts to exploit a known memory corruption vulnerability in Adobe Acrobat and Reader products. It is due to a design error when parsing PDF files containing a JavaScript call to the Doc.printSeps method. Remote attackers can exploit this by enticing target users to open the malicious PDF document in a vulnerable version of Adobe Reader. A successful attack allows for arbitrary code injection and execution with the privileges of the currently logged in user. If the code execution fails, the vulnerable application can terminate abnormally.
Extended Description
Adobe Reader is prone to a remote memory-corruption vulnerability. Successful exploits may allow attackers to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will result in a denial-of-service condition. Adobe Reader versions 9.4.0 and 8.1.7 are affected; other versions may also be vulnerable.
Affected Products
Red_hat enterprise_linux_as_extras
Short Name
HTTP:STC:DL:PDF-PRINTSEPS
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
Adobe CVE-2010-4091 Corruption Memory Reader bid:44638 printSeps
Release Date
11/29/2010
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Unknown
Vendors
Red_hat
Suse
Adobe
Gentoo
CVSS Score
9.3