⚠ Exploited in the wild
Exploitation observed in the wild. Not yet on CISA KEV.

CVE-2009-0658Improper Restriction of Operations within the Bounds of a Memory Buffer in Adobe Acrobat Reader

CWE-119Improper Restriction of Operations within the Bounds of a Memory BufferCWE-121Stack-based Buffer OverflowCWE-20Improper Input Validation17 documents8 sources
Severity
8.8HIGHNVD
NVD7.8VulnCheck7.8
EPSS
92.0%
top 0.29%
CISA KEV
Not in KEV
Exploit
Exploited in wild
Active exploitation observed
Affected products
2
Adobe Acrobat ReaderAdobe Acrobat
Timeline
PublishedFeb 20
Latest updateMay 2

Description

Buffer overflow in Adobe Reader 9.0 and earlier, and Acrobat 9.0 and earlier, allows remote attackers to execute arbitrary code via a crafted PDF document, related to a non-JavaScript function call and possibly an embedded JBIG2 image stream, as exploited in the wild in February 2009 by Trojan.Pidief.E.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages2 packages

NVDadobe/acrobat_reader7.07.1.1+5
NVDadobe/acrobat7.07.1.1+2

🔴Vulnerability Details

3
GHSA
GHSA-wr9v-3qgm-q33g: Stack-based buffer overflow in Adobe Reader and Adobe Acrobat 9 before 92022-05-02
GHSA
GHSA-pm5j-jrq9-vmhx: Buffer overflow in Adobe Reader 92022-05-02
VulnCheck
Adobe Acrobat and Reader Improper Restriction of Operations within the Bounds of a Memory Buffer2009

💥Exploits & PoCs

5
Exploit-DB
Adobe - JBIG2Decode Memory Corruption (Metasploit) (2)2010-09-25
Exploit-DB
Adobe - JBIG2Decode Memory Corruption (Metasploit) (1)2010-06-15
Exploit-DB
Adobe Acrobat Reader - JBIG2 Local Buffer Overflow (PoC) (2)2009-02-23
Metasploit
Adobe JBIG2Decode Memory Corruption
Metasploit
Adobe JBIG2Decode Heap Corruption

📋Vendor Advisories

2
Red Hat
security flaw2009-03-18
Red Hat
acroread: multiple JBIG2-related security flaws2009-02-19

🕵️Threat Intelligence

2
Talos
A New Detection Framework2010-04-22
Talos
A New Detection Framework2010-04-22

💬Community

3
Bugzilla
CVE-2009-0927 security flaw2018-08-16
Bugzilla
Ghostscript: Multiple NULL pointer dereferences in JBIG2 decoder2009-06-02
Bugzilla
CVE-2009-0658, CVE-2009-0193, CVE-2009-0928, CVE-2009-1061, CVE-2009-1062 acroread: multiple JBIG2-related security flaws2009-02-23
CVE-2009-0658 — Adobe Acrobat Reader vulnerability | cvebase