CVE-2009-1856 - OpenCVE

Integer overflow in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Reader 9 and Acrobat 9 before 9.1.2 allows attackers to cause a denial of service or possibly execute arbitrary code via a PDF file containing unspecified parameters to the FlateDecode filter, which triggers a heap-based buffer overflow.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:M/Au:N/C:C/I:C/A:C

Vendors & Products
CPE Configurations

Vendors	Products
Adobe	Acrobat Reader Acrobat

Configuration 1 [-]

OR	cpe:2.3:a:adobe:acrobat:7.0:::::::*
	cpe:2.3:a:adobe:acrobat:7.0::professional:::::
	cpe:2.3:a:adobe:acrobat:7.0::standard:::::
	cpe:2.3:a:adobe:acrobat:7.0.1:::::::*
	cpe:2.3:a:adobe:acrobat:7.0.1::professional:::::
	cpe:2.3:a:adobe:acrobat:7.0.1::standard:::::
	cpe:2.3:a:adobe:acrobat:7.0.2:::::::*
	cpe:2.3:a:adobe:acrobat:7.0.2::professional:::::
	cpe:2.3:a:adobe:acrobat:7.0.2::standard:::::
	cpe:2.3:a:adobe:acrobat:7.0.3:::::::*
	cpe:2.3:a:adobe:acrobat:7.0.3::professional:::::
	cpe:2.3:a:adobe:acrobat:7.0.3::standard:::::
	cpe:2.3:a:adobe:acrobat:7.0.4:::::::*
	cpe:2.3:a:adobe:acrobat:7.0.4::professional:::::
	cpe:2.3:a:adobe:acrobat:7.0.4::standard:::::
	cpe:2.3:a:adobe:acrobat:7.0.5:::::::*
	cpe:2.3:a:adobe:acrobat:7.0.5::professional:::::
	cpe:2.3:a:adobe:acrobat:7.0.5::standard:::::
	cpe:2.3:a:adobe:acrobat:7.0.6:::::::*
	cpe:2.3:a:adobe:acrobat:7.0.6::professional:::::
	cpe:2.3:a:adobe:acrobat:7.0.6::standard:::::
	cpe:2.3:a:adobe:acrobat:7.0.7:::::::*
	cpe:2.3:a:adobe:acrobat:7.0.7::professional:::::
	cpe:2.3:a:adobe:acrobat:7.0.7::standard:::::
	cpe:2.3:a:adobe:acrobat:7.0.8:::::::*
	cpe:2.3:a:adobe:acrobat:7.0.8::elements:::::
	cpe:2.3:a:adobe:acrobat:7.0.8::professional:::::
	cpe:2.3:a:adobe:acrobat:7.0.8::standard:::::
	cpe:2.3:a:adobe:acrobat:7.0.9:::::::*
	cpe:2.3:a:adobe:acrobat:7.0.9::professional:::::
	cpe:2.3:a:adobe:acrobat:7.1:::::::*
	cpe:2.3:a:adobe:acrobat:7.1::professional:::::
	cpe:2.3:a:adobe:acrobat:7.1::standard:::::
	cpe:2.3:a:adobe:acrobat:7.1.0:::::::*
	cpe:2.3:a:adobe:acrobat:7.1.1:::::::*
	cpe:2.3:a:adobe:acrobat:7.1.1::standard:::::
	cpe:2.3:a:adobe:acrobat:8.0:::::::*
	cpe:2.3:a:adobe:acrobat:8.0::professional:::::
	cpe:2.3:a:adobe:acrobat:8.0::standard:::::
	cpe:2.3:a:adobe:acrobat:8.1:::::::*
	cpe:2.3:a:adobe:acrobat:8.1::standard:::::
	cpe:2.3:a:adobe:acrobat:8.1.1:::::::*
	cpe:2.3:a:adobe:acrobat:8.1.1::professional:::::
	cpe:2.3:a:adobe:acrobat:8.1.1::standard:::::
	cpe:2.3:a:adobe:acrobat:8.1.2:::::::*
	cpe:2.3:a:adobe:acrobat:8.1.2::professional:::::
	cpe:2.3:a:adobe:acrobat:8.1.2::standard:::::
	cpe:2.3:a:adobe:acrobat:8.1.2:security_update:professional:::::*
	cpe:2.3:a:adobe:acrobat:8.1.3:::::::*
	cpe:2.3:a:adobe:acrobat:8.1.3::professional:::::
	cpe:2.3:a:adobe:acrobat:8.1.3::standard:::::
	cpe:2.3:a:adobe:acrobat:8.1.4:::::::*
	cpe:2.3:a:adobe:acrobat:8.1.4::professional:::::
	cpe:2.3:a:adobe:acrobat:8.1.4::standard:::::
	cpe:2.3:a:adobe:acrobat:9:::::::*
	cpe:2.3:a:adobe:acrobat:9.0:::::::*
	cpe:2.3:a:adobe:acrobat:9.0::standard:::::
	cpe:2.3:a:adobe:acrobat:9.0.0:::::::*
	cpe:2.3:a:adobe:acrobat:9.1:::::::*
	cpe:2.3:a:adobe:acrobat:9.1::standard:::::
	cpe:2.3:a:adobe:acrobat_reader:7.0:::::::*
	cpe:2.3:a:adobe:acrobat_reader:7.0.1:::::::*
	cpe:2.3:a:adobe:acrobat_reader:7.0.2:::::::*
	cpe:2.3:a:adobe:acrobat_reader:7.0.3:::::::*
cpe:2.3:a:adobe:acrobat_reader:7.0.4:::::::*
cpe:2.3:a:adobe:acrobat_reader:7.0.5:::::::*
cpe:2.3:a:adobe:acrobat_reader:7.0.6:::::::*
cpe:2.3:a:adobe:acrobat_reader:7.0.7:::::::*
cpe:2.3:a:adobe:acrobat_reader:7.0.8:::::::*
cpe:2.3:a:adobe:acrobat_reader:7.0.9:::::::*
cpe:2.3:a:adobe:acrobat_reader:7.1:::::::*
cpe:2.3:a:adobe:acrobat_reader:7.1.1:::::::*
cpe:2.3:a:adobe:acrobat_reader:8.0:::::::*
cpe:2.3:a:adobe:acrobat_reader:8.1:::::::*
cpe:2.3:a:adobe:acrobat_reader:8.1.1:::::::*
cpe:2.3:a:adobe:acrobat_reader:8.1.2:::::::*
cpe:2.3:a:adobe:acrobat_reader:8.1.2:security_update::::::
cpe:2.3:a:adobe:acrobat_reader:8.1.3:::::::*
cpe:2.3:a:adobe:acrobat_reader:8.1.4:::::::*
cpe:2.3:a:adobe:acrobat_reader:8.1.5:::::::*
cpe:2.3:a:adobe:acrobat_reader:9:::::::*
cpe:2.3:a:adobe:acrobat_reader:9.1:::::::*
cpe:2.3:a:adobe:acrobat_reader:9.1.1:::::::*

References

Link	Resource
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=807
http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00000.html
http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html
http://secunia.com/advisories/34580	Vendor Advisory
http://secunia.com/advisories/35496	Vendor Advisory
http://secunia.com/advisories/35655	Vendor Advisory
http://secunia.com/advisories/35685	Vendor Advisory
http://secunia.com/advisories/35734	Vendor Advisory
http://security.gentoo.org/glsa/glsa-200907-06.xml
http://securitytracker.com/id?1022361
http://www.adobe.com/support/security/bulletins/apsb09-07.html	Patch Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2009-1109.html
http://www.securityfocus.com/bid/35274
http://www.securityfocus.com/bid/35294
http://www.us-cert.gov/cas/techalerts/TA09-161A.html	US Government Resource
http://www.vupen.com/english/advisories/2009/1547	Patch Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/51021