CVE-2009-1061

high
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

Unspecified vulnerability in Adobe Acrobat Reader 9 before 9.1, 8 before 8.1.4, and 7 before 7.1.1 might allow remote attackers to execute arbitrary code via unknown attack vectors related to JBIG2 and "input validation," a different vulnerability than CVE-2009-0193 and CVE-2009-1062.

References

http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00005.html

http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html

http://secunia.com/advisories/34392

http://secunia.com/advisories/34490

http://secunia.com/advisories/34706

http://secunia.com/advisories/34790

http://security.gentoo.org/glsa/glsa-200904-17.xml

http://sunsolve.sun.com/search/document.do?assetkey=1-66-256788-1

http://www.adobe.com/support/security/bulletins/apsb09-04.html

http://www.redhat.com/support/errata/RHSA-2009-0376.html

http://www.securityfocus.com/bid/34229

http://www.securitytracker.com/id?1021892

http://www.vupen.com/english/advisories/2009/1019

Details

Source: MITRE

Published: 2009-03-25

Updated: 2018-11-08

Type: CWE-20

Risk Information

CVSS v2

Base Score: 9.3

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 8.6

Severity: HIGH

Tenable Plugins

View all (11 total)

IDNameProductFamilySeverity
51705SuSE 10 Security Update : acroread_ja (ZYPP Patch Number 6161)NessusSuSE Local Security Checks
critical
51690SuSE 10 Security Update : Acrobat Reader (ZYPP Patch Number 6121)NessusSuSE Local Security Checks
critical
41365SuSE 11 Security Update : acroread_ja (SAT Patch Number 769)NessusSuSE Local Security Checks
critical
41362SuSE 11 Security Update : Acrobat Reader (SAT Patch Number 690)NessusSuSE Local Security Checks
critical
40803Adobe Acrobat < 9.1 / 8.1.4 / 7.1.1 Multiple VulnerabilitiesNessusWindows
high
40740RHEL 3 / 4 / 5 : acroread (RHSA-2009:0376)NessusRed Hat Local Security Checks
critical
40182openSUSE Security Update : acroread (acroread-689)NessusSuSE Local Security Checks
critical
39906openSUSE Security Update : acroread (acroread-689)NessusSuSE Local Security Checks
critical
36196GLSA-200904-17 : Adobe Reader: User-assisted execution of arbitrary codeNessusGentoo Local Security Checks
critical
36033openSUSE 10 Security Update : acroread (acroread-6120)NessusSuSE Local Security Checks
critical
35821Adobe Reader < 9.1 / 8.1.4 / 7.1.1 Multiple VulnerabilitiesNessusWindows
high