CVE-2009-0927
published 2009-03-19CVE-2009-0927: Stack-based buffer overflow in Adobe Reader and Adobe Acrobat 9 before 9.1, 8 before 8.1.3 , and 7 before 7.1.1 allows remote attackers to execute arbitrary…
PriorityP189high8.8CVSS 3.1
AVNACLPRNUIRSUCHIHAH
KEVITWEXPLOIT
CISA Known Exploited Vulnerabilitydue 2022-04-15
Exploited in the wild
EPSS
96.60%
99.9th percentile
Stack-based buffer overflow in Adobe Reader and Adobe Acrobat 9 before 9.1, 8 before 8.1.3 , and 7 before 7.1.1 allows remote attackers to execute arbitrary code via a crafted argument to the getIcon method of a Collab object, a different vulnerability than CVE-2009-0658.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| adobe | acrobat_reader | >= 7.0 < 7.1.1 | 7.1.1 |
| adobe | acrobat_reader | >= 8.0 < 8.1.3 | 8.1.3 |
| adobe | acrobat_reader | >= 9.0 < 9.1 | 9.1 |
Detection & IOCsextracted from sources · hover to see the quote
- →CVE-2009-0927 is actively bundled in exploit kits (iPack, Blackhole) alongside other PDF CVEs. Detections should correlate multi-CVE PDF exploit attempts from the same source as a strong indicator of exploit kit activity. ↗
- →The Metasploit module for this vulnerability (adobe_geticon.rb) targets Adobe Reader/Acrobat versions < 7.1.1, < 8.1.3, and < 9.1. Endpoint detection should flag execution of Adobe Reader processes spawning child processes when these vulnerable versions are present. ↗
- ·The two Snort signatures provided reference CVE-2011-0611 (not CVE-2009-0927) in their reference fields, but are documented in context of detecting Blackhole kit PDF exploit delivery URLs that include CVE-2009-0927 payloads. Operators should be aware of this cross-reference discrepancy. ↗
- ·The Blackhole exploit kit URL path patterns vary across kit versions; the listed patterns (/content/ap1.php, /fdp1.php, /adfp1.php, etc.) are not exhaustive and new variants may use different paths. ↗
CVSS provenance
nvdv3.18.8HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
nvdv2.09.3CRITICALAV:N/AC:M/Au:N/C:C/I:C/A:C
vulncheck8.8HIGH
cisa8.8HIGH
vendor_redhat7.8HIGH
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
CISA
Adobe Reader and Adobe Acrobat Stack-Based Buffer Overflow Vulnerability
cisa·2022-03-25·CVSS 8.8
CVE-2009-0927 [HIGH] CWE-20 Adobe Reader and Adobe Acrobat Stack-Based Buffer Overflow Vulnerability
Vulnerability: Adobe Reader and Adobe Acrobat Stack-Based Buffer Overflow Vulnerability
Affected: Adobe Reader and Acrobat
Stack-based buffer overflow in Adobe Reader and Adobe Acrobat allows remote attackers to execute arbitrary code.
Required Action: Apply updates per vendor instructions.
Notes: https://nvd.nist.gov/vuln/detail/CVE-2009-0927
Remediation Due Date: 2022-04-15
Red Hat
security flaw
vendor_redhat·2009-03-18·CVSS 7.8
CVE-2009-0927 [HIGH] security flaw
security flaw
Stack-based buffer overflow in Adobe Reader and Adobe Acrobat 9 before 9.1, 8 before 8.1.3 , and 7 before 7.1.1 allows remote attackers to execute arbitrary code via a crafted argument to the getIcon method of a Collab object, a different vulnerability than CVE-2009-0658.
GHSA
GHSA-wr9v-3qgm-q33g: Stack-based buffer overflow in Adobe Reader and Adobe Acrobat 9 before 9
ghsa_unreviewed·2022-05-02·CVSS 7.8
CVE-2009-0927 [HIGH] CWE-121 GHSA-wr9v-3qgm-q33g: Stack-based buffer overflow in Adobe Reader and Adobe Acrobat 9 before 9
Stack-based buffer overflow in Adobe Reader and Adobe Acrobat 9 before 9.1, 8 before 8.1.3 , and 7 before 7.1.1 allows remote attackers to execute arbitrary code via a crafted argument to the getIcon method of a Collab object, a different vulnerability than CVE-2009-0658.
VulnCheck
Adobe Reader and Adobe Acrobat Stack-Based Buffer Overflow Vulnerability
vulncheck·2009·CVSS 8.8
CVE-2009-0927 [HIGH] CWE-20 Adobe Reader and Adobe Acrobat Stack-Based Buffer Overflow Vulnerability
Adobe Reader and Adobe Acrobat Stack-Based Buffer Overflow Vulnerability
Stack-based buffer overflow in Adobe Reader and Adobe Acrobat allows remote attackers to execute arbitrary code.
Affected: Adobe Acrobat and Reader
Required Action: Apply updates per vendor instructions.
Exploitation References: https://blog.talosintelligence.com/acrobat-javascript-blacklist-framework/; https://citizenlab.ca/wp-content/uploads/2017/05/shadows-in-the-cloud.pdf; https://www.virusbulletin.com/virusbulletin/2010/05/exploit-kit-explosion-part-two-vectors-attack/; https://www.trendmicro.de/cloud-content/us/pdfs/security-intelligence/white-papers/wp_ixeshe.pdf; https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/wham-bam-the-cutwailblackhole-combo/; https://www.cisa.gov/sites/default/files/fe
No detection rules found.
Exploit-DB
Adobe - 'Collab.getIcon()' Local Buffer Overflow (Metasploit) (2)
exploitdb·2010-09-25
CVE-2009-0927 Adobe - 'Collab.getIcon()' Local Buffer Overflow (Metasploit) (2)
Adobe - 'Collab.getIcon()' Local Buffer Overflow (Metasploit) (2)
---
##
# $Id: adobe_geticon.rb 10477 2010-09-25 11:59:02Z mc $
##
##
# This file is part of the Metasploit Framework and may be subject to
# redistribution and commercial restrictions. Please see the Metasploit
# Framework web site for more information on licensing and terms of use.
# http://metasploit.com/framework/
##
require 'msf/core'
require 'zlib'
class Metasploit3 'Adobe Collab.getIcon() Buffer Overflow',
'Description' => %q{
This module exploits a buffer overflow in Adobe Reader and Adobe Acrobat.
Affected versions include MSF_LICENSE,
'Author' =>
[
'MC',
'Didier Stevens ',
'jduck'
],
'Version' => '$Revision: 10477 $',
'References' =>
[
[ 'CVE', '2009-0927' ],
[ 'OSVDB', '53647' ],
[ 'URL', 'http://www.zerodayin
Exploit-DB
Adobe - 'Collab.getIcon()' Local Buffer Overflow (Metasploit) (1)
exploitdb·2010-04-30
CVE-2009-0927 Adobe - 'Collab.getIcon()' Local Buffer Overflow (Metasploit) (1)
Adobe - 'Collab.getIcon()' Local Buffer Overflow (Metasploit) (1)
---
##
# $Id: adobe_geticon.rb 9179 2010-04-30 08:40:19Z jduck $
##
##
# This file is part of the Metasploit Framework and may be subject to
# redistribution and commercial restrictions. Please see the Metasploit
# Framework web site for more information on licensing and terms of use.
# http://metasploit.com/framework/
##
require 'msf/core'
require 'zlib'
class Metasploit3 'Adobe Collab.getIcon() Buffer Overflow',
'Description' => %q{
This module exploits a buffer overflow in Adobe Reader and Adobe Acrobat.
Affected versions include MSF_LICENSE,
'Author' =>
[
'MC',
'Didier Stevens ',
'jduck'
],
'Version' => '$Revision: 9179 $',
'References' =>
[
[ 'CVE', '2009-0927' ],
[ 'OSVDB', '53647' ],
[ 'URL', 'http://www.zerodayi
Exploit-DB
Adobe Acrobat/Reader < 7.1.1/8.1.3/9.1 - Collab getIcon Universal
exploitdb·2009-09-03·CVSS 8.8
CVE-2009-0927 [HIGH] Adobe Acrobat/Reader < 7.1.1/8.1.3/9.1 - Collab getIcon Universal
Adobe Acrobat/Reader < 7.1.1/8.1.3/9.1 - Collab getIcon Universal
---
#!/usr/bin/env python
#
# *** Acrobat Reader - Collab getIcon universal exploiter ***
# evil_pdf.py, tested on Operating Systems:
# Windows XP SP3 English/French
# Windows 2003 SP2 English
# with Application versions:
# Adobe Reader 9.0.0/8.1.2 English/French
# Test methods:
# Standalone PDF, embedded PDF in Firefox 3.0.13 and Internet Explorer 7
# 24/06/2009 - Created by Ivan Rodriguez Almuina (kralor). All rights reserved.
# [Coromputer] raised from the ashes.
#
http://www.coromputer.net/CVE-2009-0927_package.zip
https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/9579.zip (2009-CVE-2009-0927_package.zip)
# milw0rm.com [2009-09-03]
Exploit-DB
Adobe Acrobat Reader 8.1.2 < 9.0 - 'getIcon()' Memory Corruption
exploitdb·2009-05-04
CVE-2009-0927 Adobe Acrobat Reader 8.1.2 < 9.0 - 'getIcon()' Memory Corruption
Adobe Acrobat Reader 8.1.2 he has lots of exploitation method ; ))
Exploit By : www.Abysssec.com
note : this exploit is just for educational purpose so shellcode will execute calc if you want other shellcode change shellcode .
Exploit Link : http://abysssec.com/Adobe.Collab.getIcon().pdf
Mirror Link : https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/8595.pdf (2009-Adobe.Collab.getIcon.pdf)
# milw0rm.com [2009-05-04]
Metasploit
Adobe Collab.getIcon() Buffer Overflow
metasploit
Adobe Collab.getIcon() Buffer Overflow
Adobe Collab.getIcon() Buffer Overflow
This module exploits a buffer overflow in Adobe Reader and Adobe Acrobat. Affected versions include < 7.1.1, < 8.1.3, and < 9.1. By creating a specially crafted pdf that a contains malformed Collab.getIcon() call, an attacker may be able to execute arbitrary code.
Zscaler
PDF Exploits Targeted Through Blackhole Exploit Kits. | Zscaler
blogs_zscaler·2012-04-09
PDF Exploits Targeted Through Blackhole Exploit Kits. | Zscaler
Provide users with seamless, secure, reliable access to applications and data.
Build and run secure cloud apps, enable zero trust cloud connectivity, and protect workloads from data center to cloud.
Provide zero trust connectivity for IoT and OT devices and secure remote access to OT systems.
Provide zero trust site-to-site connectivity and reliable access to B2B apps for partners.
Industry Report
Zscaler: A Leader in the 2025 Gartner® Magic Quadrant™ for Security Service Edge (SSE)
USE CASES
INDUSTRY & MARKET SOLUTIONS
PARTNERS
TECHNOLOGY PARTNERS
Resource Center
Events & Trainings
Security Research & Services
Tools
Community & Support
CXO REVOLUTIONARIES
Amplifying the voices of real-world digital and zero trust pioneers
Discover how it began and where it’s going
Meet o
Zscaler
PDF Exploit: Number Of Pages Is The Key | Zscaler
blogs_zscaler·2010-08-04
PDF Exploit: Number Of Pages Is The Key | Zscaler
Provide users with seamless, secure, reliable access to applications and data.
Build and run secure cloud apps, enable zero trust cloud connectivity, and protect workloads from data center to cloud.
Provide zero trust connectivity for IoT and OT devices and secure remote access to OT systems.
Provide zero trust site-to-site connectivity and reliable access to B2B apps for partners.
Industry Report
Zscaler: A Leader in the 2025 Gartner® Magic Quadrant™ for Security Service Edge (SSE)
USE CASES
INDUSTRY & MARKET SOLUTIONS
PARTNERS
TECHNOLOGY PARTNERS
Resource Center
Events & Trainings
Security Research & Services
Tools
Community & Support
CXO REVOLUTIONARIES
Amplifying the voices of real-world digital and zero trust pioneers
Discover how it began and where it’s going
Meet o
Zscaler
ATECH-SAGADE Badness - Malicious .IN Campaign | Zscaler Blog
blogs_zscaler·2010-07-15
ATECH-SAGADE Badness - Malicious .IN Campaign | Zscaler Blog
Provide users with seamless, secure, reliable access to applications and data.
Build and run secure cloud apps, enable zero trust cloud connectivity, and protect workloads from data center to cloud.
Provide zero trust connectivity for IoT and OT devices and secure remote access to OT systems.
Provide zero trust site-to-site connectivity and reliable access to B2B apps for partners.
Industry Report
Zscaler: A Leader in the 2025 Gartner® Magic Quadrant™ for Security Service Edge (SSE)
USE CASES
INDUSTRY & MARKET SOLUTIONS
PARTNERS
TECHNOLOGY PARTNERS
Resource Center
Events & Trainings
Security Research & Services
Tools
Community & Support
CXO REVOLUTIONARIES
Amplifying the voices of real-world digital and zero trust pioneers
Discover how it began and where it’s going
Meet o
Zscaler
A Brief Gumblar Infrastructure Analysis | Zscaler Blog
blogs_zscaler·2010-05-27
A Brief Gumblar Infrastructure Analysis | Zscaler Blog
Provide users with seamless, secure, reliable access to applications and data.
Build and run secure cloud apps, enable zero trust cloud connectivity, and protect workloads from data center to cloud.
Provide zero trust connectivity for IoT and OT devices and secure remote access to OT systems.
Provide zero trust site-to-site connectivity and reliable access to B2B apps for partners.
Industry Report
Zscaler: A Leader in the 2025 Gartner® Magic Quadrant™ for Security Service Edge (SSE)
USE CASES
INDUSTRY & MARKET SOLUTIONS
PARTNERS
TECHNOLOGY PARTNERS
Resource Center
Events & Trainings
Security Research & Services
Tools
Community & Support
CXO REVOLUTIONARIES
Amplifying the voices of real-world digital and zero trust pioneers
Discover how it began and where it’s going
Meet o
Zscaler
More And More Obfuscation Being Used In The Malicious Script
blogs_zscaler·2010-05-07
More And More Obfuscation Being Used In The Malicious Script
Provide users with seamless, secure, reliable access to applications and data.
Build and run secure cloud apps, enable zero trust cloud connectivity, and protect workloads from data center to cloud.
Provide zero trust connectivity for IoT and OT devices and secure remote access to OT systems.
Provide zero trust site-to-site connectivity and reliable access to B2B apps for partners.
Industry Report
Zscaler: A Leader in the 2025 Gartner® Magic Quadrant™ for Security Service Edge (SSE)
USE CASES
INDUSTRY & MARKET SOLUTIONS
PARTNERS
TECHNOLOGY PARTNERS
Resource Center
Events & Trainings
Security Research & Services
Tools
Community & Support
CXO REVOLUTIONARIES
Amplifying the voices of real-world digital and zero trust pioneers
Discover how it began and where it’s going
Meet o
Krebs
iPack Exploit Kit Bites Windows Users
blogs_krebs·2010-04-16·CVSS 5.1
[MEDIUM] iPack Exploit Kit Bites Windows Users
Not long ago, there were only a handful of serious so-called “exploit packs,” crimeware packages that make it easy for hackers to booby-trap Web sites with code that installs malicious software.
These days, however, it seems like we’re hearing about a new custom exploit kit every week. Part of the reason for this may be that more enterprising hackers are seeing the moneymaking potential of these offerings, which range from a few hundred dollars per kit to upwards of $10,000 per installation — depending on the features and plugins requested.
Take, for example, the iPack crimeware kit, an exploit pack that starts at around $500.
Its name and cute logo aside, iPack has nothing to do with Apple’s products. According to Jorge Mieres over at the Malware Intelligence blog, the software vulnera
Krebs
iPack Exploit Kit Bites Windows Users – Krebs on Security
blogs_krebs·2010-04-01·CVSS 5.1
[MEDIUM] iPack Exploit Kit Bites Windows Users – Krebs on Security
Not long ago, there were only a handful of serious so-called “exploit packs,” crimeware packages that make it easy for hackers to booby-trap Web sites with code that installs mal icious soft ware .
These days, however, it seems like we’re hearing about a new custom exploit kit every week. Part of the reason for this may be that more enterprising hackers are seeing the moneymaking potential of these offerings, which range from a few hundred dollars per kit to upwards of $10,000 per installation — depending on the features and plugins requested.
Take, for example, the iPack crimeware kit, an exploit pack that starts at around $500.
Its name and cute logo aside, iPack has nothing to do with Apple’ s products. According to Jorge Mieres over at the Malware Intelligence blog , the software vu
Zscaler
Malicious JavaScript targets 3 Old Vulnerabilities | Zscaler
blogs_zscaler·2010-03-08·CVSS 7.8
[HIGH] Malicious JavaScript targets 3 Old Vulnerabilities | Zscaler
Provide users with seamless, secure, reliable access to applications and data.
Build and run secure cloud apps, enable zero trust cloud connectivity, and protect workloads from data center to cloud.
Provide zero trust connectivity for IoT and OT devices and secure remote access to OT systems.
Provide zero trust site-to-site connectivity and reliable access to B2B apps for partners.
Industry Report
Zscaler: A Leader in the 2025 Gartner® Magic Quadrant™ for Security Service Edge (SSE)
USE CASES
INDUSTRY & MARKET SOLUTIONS
PARTNERS
TECHNOLOGY PARTNERS
Resource Center
Events & Trainings
Security Research & Services
Tools
Community & Support
CXO REVOLUTIONARIES
Amplifying the voices of real-world digital and zero trust pioneers
Discover how it began and where it’s going
Meet o
Talos
The Acrobat JavaScript Blocklist Framework
blogs_talos·2010-01-20
The Acrobat JavaScript Blocklist Framework
## The Acrobat JavaScript Blocklist Framework
Adobe recently announced and released the Adobe Reader and Acrobat JavaScript Blocklist Framework. I've had a little bit of time to play with it and would just like to share my thoughts. First of all, I am very pleased with this new blocklisting feature. Until now, when we knew about 0-day being actively exploited in the wild using JavaScript in some manner, we would just turn off JavaScript in Adobe products (Reader, Acrobat, etc...) all together. Personally, I could live without having JavaScript in my documents, but that's a totally different discussion. I understand why some people might want that feature for their PDF documents and why for them at least, turning JavaScript completely off would not be an option. So let's say, for example,
Talos
The Acrobat JavaScript Blocklist Framework
blogs_talos·2010-01-20
The Acrobat JavaScript Blocklist Framework
Adobe recently announced and released the Adobe Reader and Acrobat JavaScript Blocklist Framework. I've had a little bit of time to play with it and would just like to share my thoughts. First of all, I am very pleased with this new blocklisting feature. Until now, when we knew about 0-day being actively exploited in the wild using JavaScript in some manner, we would just turn off JavaScript in Adobe products (Reader, Acrobat, etc...) all together. Personally, I could live without having JavaScript in my documents, but that's a totally different discussion. I understand why some people might want that feature for their PDF documents and why for them at least, turning JavaScript completely off would not be an option. So let's say, for example, that you are running Adobe Reader 9.2.0 which i
Threat Intel
APT12 (APT12, IXESHE, DynCalc)
threat_intel·CVSS 8.8
[HIGH] APT12 (APT12, IXESHE, DynCalc)
# Threat Actor Profile: APT12
ATT&CK ID: G0005
Also known as: APT12, IXESHE, DynCalc, Numbered Panda, DNSCALC
Suspected origin: China
## Overview
APT12 is a threat group that has been attributed to China. The group has targeted a variety of victims including but not limited to media outlets, high-tech companies, and multiple governments.(Citation: Meyers Numbered Panda)
## Techniques (TTPs)
### Initial Access
- T1566.001 Spearphishing Attachment
Usage: APT12 has sent emails with malicious Microsoft Office documents and PDFs attached.(Citation: Moran 2014)(Citation: Trend Micro IXESHE 2012)
### Execution
- T1204.002 Malicious File
Usage: APT12 has attempted to get victims to open malicious Microsoft Word and PDF attachment sent via spearphishing.(Citation: Moran 2014)(Citation: Trend Mi
Bugzilla
CVE-2009-0927 security flaw
bugzilla·2018-08-16·CVSS 7.8
CVE-2009-0927 [HIGH] CVE-2009-0927 security flaw
CVE-2009-0927 security flaw
Flaw bug created to hold information about an old flaw we knew something about. For more details see the MITRE CVE description.
Discussion:
MITRE description:
Stack-based buffer overflow in Adobe Reader and Adobe Acrobat 9 before 9.1, 8 before 8.1.3 , and 7 before 7.1.1 allows remote attackers to execute arbitrary code via a crafted argument to the getIcon method of a Collab object, a different vulnerability than CVE-2009-0658.
Bugzilla
CVE-2009-0658, CVE-2009-0193, CVE-2009-0928, CVE-2009-1061, CVE-2009-1062 acroread: multiple JBIG2-related security flaws
bugzilla·2009-02-23·CVSS 9.3
CVE-2009-0658 [CRITICAL] CVE-2009-0658, CVE-2009-0193, CVE-2009-0928, CVE-2009-1061, CVE-2009-1062 acroread: multiple JBIG2-related security flaws
CVE-2009-0658, CVE-2009-0193, CVE-2009-0928, CVE-2009-1061, CVE-2009-1062 acroread: multiple JBIG2-related security flaws
Common Vulnerabilities and Exposures assigned an identifier CVE-2009-0658 to
the following vulnerability:
Buffer overflow in Adobe Reader 9.0 and earlier and Acrobat 9.0 and
earlier allows remote attackers to execute arbitrary code via a
crafted PDF document, related to a non-JavaScript function call, as
exploited in the wild in February 2009 by Trojan.Pidief.E.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0658
http://isc.sans.org/diary.html?n&storyid=5902
http://www.shadowserver.org/wiki/pmwiki.php?n=Calendar.20090219
http://www.symantec.com/security_response/writeup.jsp?docid=2009-021212-5523-99&tabid=2
http://www.adobe.com/support/security/ad
arXiv
Machine Learning With Feature Selection Using Principal Component Analysis for Malware Detection: A Case Study
arxiv_fulltext·2019-02-10
Machine Learning With Feature Selection Using Principal Component Analysis for Malware Detection: A Case Study
Jason Zhang, Ph.D.
Senior Threat Researcher
Sophos, Abingdon OX14 3YP, U.K.
[email protected]
plain
plain
## Abstract
Cyber security threats have been growing significantly in both volume and sophistication over the past decade. This poses great challenges to malware detection without considerable automation. In this paper, we have proposed a novel approach by extending our recently suggested artificial neural network (ANN) based model with feature selection using the principal component analysis (PCA) technique for malware detection. The effectiveness of the approach has been successfully demonstrated with the application in PDF malware detection. A varying number of principal components is examined in the comparative study. Our evaluation shows that the model with PCA can signif
arXiv
MLPdf: An Effective Machine Learning Based Approach for PDF Malware Detection
arxiv_fulltext·2018-08-21
MLPdf: An Effective Machine Learning Based Approach for PDF Malware Detection
Jason Zhang, Ph.D.
Senior Threat Researcher
Sophos, Abingdon OX14 3YP, U.K.
[email protected]
plain
plain
## Abstract
Due to the popularity of portable document format (PDF) and increasing number of vulnerabilities in major PDF viewer applications, malware writers continue to use it to deliver malware via web downloads, email attachments and other methods in both targeted and non-targeted attacks. The topic on how to effectively block malicious PDF documents has received huge research interests in both cyber security industry and academia with no sign of slowing down. In this paper, we propose a novel approach based on a multilayer perceptron (MLP) neural network model, termed MLP_df, for the detection of PDF based malware. More specifically, the MLP_df model uses a backpropagatio
http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00005.htmlhttp://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.htmlhttp://secunia.com/advisories/34490http://secunia.com/advisories/34706http://secunia.com/advisories/34790http://security.gentoo.org/glsa/glsa-200904-17.xmlhttp://sunsolve.sun.com/search/document.do?assetkey=1-66-256788-1http://www.adobe.com/support/security/bulletins/apsb09-04.htmlhttp://www.exploit-db.com/exploits/9579http://www.securityfocus.com/archive/1/502116/100/0/threadedhttp://www.securityfocus.com/bid/34169http://www.securitytracker.com/id?1021861http://www.vupen.com/english/advisories/2009/0770http://www.vupen.com/english/advisories/2009/1019http://www.zerodayinitiative.com/advisories/ZDI-09-014https://exchange.xforce.ibmcloud.com/vulnerabilities/49312http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00005.htmlhttp://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.htmlhttp://secunia.com/advisories/34490http://secunia.com/advisories/34706http://secunia.com/advisories/34790http://security.gentoo.org/glsa/glsa-200904-17.xmlhttp://sunsolve.sun.com/search/document.do?assetkey=1-66-256788-1http://www.adobe.com/support/security/bulletins/apsb09-04.htmlhttp://www.exploit-db.com/exploits/9579http://www.securityfocus.com/archive/1/502116/100/0/threadedhttp://www.securityfocus.com/bid/34169http://www.securitytracker.com/id?1021861http://www.vupen.com/english/advisories/2009/0770http://www.vupen.com/english/advisories/2009/1019http://www.zerodayinitiative.com/advisories/ZDI-09-014https://exchange.xforce.ibmcloud.com/vulnerabilities/49312https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2009-0927
2009-03-19
Published
2022-03-25
Added to CISA KEV
Exploited in the wild