CVE-2009-4324
CVE-2009-4324
In short
Adobe Reader and Acrobat have a flaw where they try to use data that has already been freed from memory when handling multimedia in PDF files. An attacker can craft a malicious PDF to trigger this and run any code they want on your computer.
Technical detail
Use-after-free vulnerability in Doc.media.newPlayer method triggered by specially crafted PDF files with ZLib compressed streams. Attack requires user to open malicious PDF; vulnerability allows arbitrary code execution with user privileges. Affects Adobe Reader/Acrobat 8.x and 9.x on Windows and Mac OS X.
Summary generated and translated by AI from the official description.
Use-after-free vulnerability in the Doc.media.newPlayer method in Multimedia.api in Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code via a crafted PDF file using ZLib compressed streams, as exploited in the wild in December 2009.
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected products
n/a · n/apublic PoCs found — 3
exploitdbwww.exploit-db.com/exploits/16503unverifiedexploitdbwww.exploit-db.com/exploits/16623unverifiedexploitdbwww.exploit-db.com/exploits/10618unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://blogs.adobe.com/psirt/2009/12/new_adobe_reader_and_acrobat_v.htmlhttp://contagiodump.blogspot.com/2009/12/virustotal-httpwww.htmlhttp://lists.opensuse.org/opensuse-security-announce/2010-01/msg00009.htmlhttp://osvdb.org/60980https://bugzilla.redhat.com/show_bug.cgi?id=547799http://secunia.com/advisories/37690http://secunia.com/advisories/38138http://secunia.com/advisories/38215https://exchange.xforce.ibmcloud.com/vulnerabilities/54747https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6795https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2009-4324http://www.adobe.com/support/security/advisories/apsa09-07.html