HTTP: Adobe Acrobat and Adobe Reader FlateDecode Integer Overflow
This signature detects attempts to bypass security devices using the obfuscated value of the FlateDecode method in a PDF document. Attackers can bypass security devices by using this method.
Extended Description
Adobe Reader and Acrobat are prone to an integer-overflow vulnerability. An attacker can exploit this issue to execute arbitrary code. Failed exploit attempts will likely cause denial-of-service conditions. NOTE: This issue was previously covered in BID 35274 (Adobe Reader and Acrobat 9.1.1 and Prior Multiple Remote Vulnerabilities), but has been assigned its own record to better document it.
Affected Products
Nortel_networks self-service_speech_server,Red_hat enterprise_linux_as_extras
Short Name
HTTP:STC:PDF-FLATEDECODE
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
Acrobat Adobe CVE-2009-1856 FlateDecode Integer Overflow Reader and bid:35294
Release Date
07/24/2009
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3725
False Positive
Unknown
Vendors
Red_hat
Adobe
Gentoo
Sun
Avaya
Nortel_networks
Suse
CVSS Score
9.3