Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 267846 (CVE-2009-1492)

Summary: <app-text/acroread-8.1.5 Multiple code execution vulnerabilities (CVE-2009-{1492,1493})
Product: Gentoo Security Reporter: Alex Legler (RETIRED) <a3li>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: normal CC: printing
Priority: High    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: http://secunia.com/advisories/34924/2/
Whiteboard: B2 [glsa]
Package list:
Runtime testing required: ---
Bug Depends on: 273908    
Bug Blocks:    

Description Alex Legler (RETIRED) archtester gentoo-dev Security 2009-04-29 08:33:26 UTC 
Secunia writes:

Arr1val has discovered two vulnerabilities in Adobe Reader, which can be exploited by malicious people to potentially compromise a user's system.

1) An error when processing calls to the "getAnnots()" JavaScript method can be exploited to corrupt memory via a specially crafted PDF file.

2) An error when processing calls to the "customDictionaryOpen()" JavaScript method can be exploited to corrupt memory via a specially crafted PDF file.

Successful exploitation may allow execution of arbitrary code.
Comment 1 Alex Legler (RETIRED) archtester gentoo-dev Security 2009-05-01 11:17:55 UTC 
CVE-2009-1492 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1492):
  The getAnnots Doc method in the JavaScript API in Adobe Reader and
  Acrobat 9.1, 8.1.4, 7.1.1, and earlier allows remote attackers to
  cause a denial of service (memory corruption) or execute arbitrary
  code via a PDF file that contains an annotation, and has an
  OpenAction entry with JavaScript code that calls this method with
  crafted integer arguments.

CVE-2009-1493 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1493):
  The customDictionaryOpen spell method in the JavaScript API in Adobe
  Reader 8.1.4 and 9.1 on Linux allows remote attackers to cause a
  denial of service (memory corruption) or execute arbitrary code via a
  PDF file that triggers a call to this method with a long string in
  the second argument.
Comment 2 Alex Legler (RETIRED) archtester gentoo-dev Security 2009-05-05 15:31:59 UTC 
"We are in the process of fixing the issue, and expect to make available product updates for the relevant supported Adobe Reader and Acrobat versions and platforms by May 12th, 2009."
(http://blogs.adobe.com/psirt/2009/05/adobe_reader_issue_update.html)
Comment 3 Robert Buchholz (RETIRED) gentoo-dev 2009-05-16 14:16:58 UTC 
They have been released:
http://www.adobe.com/support/security/bulletins/apsb09-06.html

Please bump
Comment 4 Timo Gurr (RETIRED) gentoo-dev 2009-06-10 09:23:00 UTC 
There are several new security issues:
http://www.adobe.com/support/security/bulletins/apsb09-07.html

Adobe states that updates for Linux will be available on 16th June, I'll take care of the bumps then (8.1.6/9.1.2).
Comment 5 Timo Gurr (RETIRED) gentoo-dev 2009-06-17 23:45:15 UTC 
Tarballs are available on the Adobe mirrors now, I've committed updated ebuilds (8.1.6/9.1.2).
Comment 6 Robert Buchholz (RETIRED) gentoo-dev 2009-07-12 17:49:13 UTC 
GLSA 200907-06