Adobe Reader JBIG2 image stream buffer overflow
Added: 02/27/2009CVE: CVE-2009-0658
BID: 33751
OSVDB: 52073
Background
Adobe Acrobat is software for creating PDF documents. Adobe Reader is free software for viewing PDF documents.Problem
A buffer overflow vulnerability allows command execution when a user opens a PDF file containing a specially crafted JBIG2 image stream.Resolution
Apply the update referenced in APSA 09-01 when available.References
http://www.us-cert.gov/cas/techalerts/TA09-051A.htmlLimitations
Exploit works on Adobe Reader 8.1.2 and requires a user to open the exploit PDF file in Adobe Reader.Due to the nature of the vulnerability, the success of this exploit depends on the state of the target system.
Platforms
Windows 2000Back to exploit index