Back to search

APSB09-15: Security updates available for Adobe Reader and Acrobat (CVE-2009-3459)

Severity CVSS Published Added Modified
9 (AV:N/AC:M/Au:N/C:C/I:C/A:C) October 13, 2009 April 12, 2012 August 22, 2013

Available Exploits 

Description

Heap-based buffer overflow in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 allows remote attackers to execute arbitrary code via a crafted PDF file that triggers memory corruption, as exploited in the wild in October 2009. NOTE: some of these details are obtained from third party information.

Free Nexpose Download

Discover, prioritize, and remediate security risks today!

 Download now

References

Solution

  • Acrobat >= 7 and < 7.1.4

    Upgrade to Adobe Acrobat/Reader version 7.1.4

    It is recommended that you upgrade to Adobe Acrobat/Reader 7.1.4 or later. In the Help menu, select the 'Check for Updates...' option.

  • Acrobat >= 8 and < 8.1.7

    Upgrade to Adobe Acrobat/Reader version 8.1.7

    It is recommended that you upgrade to Adobe Acrobat/Reader 8.1.7 or later. In the Help menu, select the 'Check for Updates...' option.

  • Acrobat >= 9 and < 9.1.3

    Upgrade to Adobe Acrobat/Reader version 9.1.3

    It is recommended that you upgrade to Adobe Acrobat/Reader 9.1.3 or later. In the Help menu, select the 'Check for Updates...' option.

Related Vulnerabilities