Adobe Acrobat Reader PDF file denial of service

acrobatreader-pdf-dos (42886)

Low Risk

Description:

Adobe Acrobat Reader is vulnerable to a denial of service, caused by the improper handling of PDF files. By persuading a victim to open a specially-crafted PDF file, a remote attacker could exploit this vulnerability to crash the application and possibly execute arbitrary code on the system.

Platforms Affected:

• Adobe, Acrobat Reader 3.0
• Adobe, Acrobat Reader 4.0
• Adobe, Acrobat Reader 4.0.5
• Adobe, Acrobat Reader 4.5
• Adobe, Acrobat Reader 5.0
• Adobe, Acrobat Reader 5.0.10
• Adobe, Acrobat Reader 5.0.11
• Adobe, Acrobat Reader 5.0.5
• Adobe, Acrobat Reader 5.0.6
• Adobe, Acrobat Reader 5.0.7
• Adobe, Acrobat Reader 5.0.9
• Adobe, Acrobat Reader 5.1
• Adobe, Acrobat Reader 6.0
• Adobe, Acrobat Reader 6.0.1
• Adobe, Acrobat Reader 6.0.2
• Adobe, Acrobat Reader 6.0.3
• Adobe, Acrobat Reader 6.0.4
• Adobe, Acrobat Reader 6.0.5
• Adobe, Acrobat Reader 7.0
• Adobe, Acrobat Reader 7.0.1
• Adobe, Acrobat Reader 7.0.2
• Adobe, Acrobat Reader 7.0.3
• Adobe, Acrobat Reader 7.0.4
• Adobe, Acrobat Reader 7.0.5
• Adobe, Acrobat Reader 7.0.6
• Adobe, Acrobat Reader 7.0.7
• Adobe, Acrobat Reader 7.0.8
• Adobe, Acrobat Reader 7.0.9
• Adobe, Acrobat Reader 8.0
• Adobe, Acrobat Reader 8.1
• Adobe, Acrobat Reader 8.1.1
• Adobe, Acrobat Reader 8.1.2
• Gentoo, Linux
• Nortel, Media Processing Server 1000
• RedHat, RHEL Desktop Supplementary 5 Client
• RedHat, RHEL Extras 3
• RedHat, RHEL Extras 4
• RedHat, RHEL Supplementary 5 Server
• Sun, Solaris 10 SPARC

Remedy:

Refer to APSB08-19 for patch, upgrade or suggested workaround information. See References.

For other distributions:
Apply the appropriate update for your system.

Consequences:

Denial of Service

References:

• Adobe Web site, Adobe - Adobe Reader download at http://www.adobe.com/products/acrobat/readstep2.html.
• APSB08-19, Security Update available for Adobe Reader 8 and Acrobat 8 at http://www.adobe.com/support/security/bulletins/apsb08-19.html.
• NORTEL BULLETIN ID: 2008009218, Rev 1, Nortel Response to Adobe Vulnerability Identifier APSB08-19 at http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=800801.
• NORTEL BULLETIN ID: 2009009504, Rev 1, Nortel: Technical Support: Nortel Response to Sun Alert 249366 - Solaris 10 - Multiple Security Vulnerabilities at http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=909609.
• Sun Alert ID: 249366, Multiple Security Vulnerabilities in the Adobe Reader May Lead to Execution of Arbitrary Code at http://sunsolve.sun.com/search/document.do?assetkey=1-66-249366-1.
• ASA-2008-439: acroread security update (RHSA-2008-0974)
• ASA-2009-018: Multiple Security Vulnerabilities in the Adobe Reader May Lead to Execution of Arbitrary Code (Sun 249366)
• BID-29420: Adobe Reader Unspecified Remote Denial Of Service Vulnerability
• CVE-2008-2549: Adobe Acrobat Reader 8.1.2 and earlier, and before 7.1.1, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a malformed PDF document, as demonstrated by 2008-HI2.pdf.
• GLSA-200901-09: Adobe Reader: User-assisted execution of arbitrary code
• RHSA-2008-0974: Critical: acroread security update
• SA32872: SUSE Update for Multiple Packages
• SA35163: Nortel Media Processing Server Adobe Reader Multiple Vulnerabilities
• SUSE-SR:2008:026: SUSE Security Summary Report
• VUPEN/ADV-2008-3001: Adobe Reader and Acrobat Multiple Code Execution Vulnerabilities
• VUPEN/ADV-2009-0098: Sun Solaris Adobe Reader Multiple Code Execution Vulnerabilities

Reported:

May 29, 2008

The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

For corrections or additions please email xforce@iss.net

Return to the main page