CVE-2009-1858Out-of-bounds Write in Adobe Acrobat

CWE-3994 documents4 sources
Severity
9.3CRITICALNVD
EPSS
22.0%
top 4.20%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Adobe AcrobatAdobe Acrobat Reader
Timeline
PublishedJun 11
Latest updateMay 2

Description

The JBIG2 filter in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Reader 9 and Acrobat 9 before 9.1.2 might allow remote attackers to execute arbitrary code via unspecified vectors that trigger memory corruption.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages2 packages

NVDadobe/acrobat_reader22 versions+21
NVDadobe/acrobat23 versions+22

Patches

Patch: secunia.comPatch: www.adobe.comPatch: www.vupen.com

🔴Vulnerability Details

1
GHSA
GHSA-9rc6-xfx3-h8rq: The JBIG2 filter in Adobe Reader 7 and Acrobat 7 before 72022-05-02

📋Vendor Advisories

1
Red Hat
acroread: multiple security fixes in version 8.1.6 (APSB09-07)2009-06-09

💬Community

1
Bugzilla
acroread: multiple security fixes in version 8.1.6 (APSB09-07)2009-06-10
CVE-2009-1858 — Out-of-bounds Write in Adobe Acrobat | cvebase