| A vulnerability in Adobe Acrobat and Acrobat Reader can result in remote code execution.
This vulnerability was discovered being exploited in the wild on Dec. 11, 2009, and publicly acknowledged by Adobe on Dec. 14, 2009. New in-the-wild PDF variants were discovered by ISS Managed Security Services on Dec. 18, 2009, indicating that this attack is being picked up by more attackers using more traditional obfuscation and attack techniques.
|
ISS Coverage |
Product
| Content Version
|
Network Sensor 7.0
Proventia A
Proventia IPS (G/GX)
Server Sensor 7.0
Proventia Multifunction Appliance
Proventia Server (Linux)
| 29.121
|
Proventia Server (Windows)
Proventia Desktop
| 2461
|
|
* This signature is not blocked by default, because it blocks any PDF containing JavasScript. However, this signature does detect exploits that are currently in the wild and can be used if your organization wants a lock-down mode to block current exploits. Additional coverage is under investigation.
** This signature is blocked in the default policy.
*** This signature blocks malicious web pages hosting a new PDF variant discovered by ISS Managed Security Services on Dec. 18, 2009.
|
|
Detailed Description |
Business Impact:
| This vulnerability could result in remote code execution if a victim opens a specially-crafted PDF (portable document format) file. Adobe Acrobat and Acrobat Reader are vulnerable and, at the time of publication, had no patch available. Links to these malicious documents can easily be sent through spam or through links on seemingly non-malicious Web sites. Active exploitation led to the discovery of this vulnerability.
|
CVSS:
| Base Score:
| 9.3
|
| Access Vector:
| Network
|
Access Complexity:
| Medium
|
Authentication:
| None
|
Confidentiality Impact:
| Complete
|
Integrity Impact:
| Complete
|
Availability Impact:
| Complete
|
|
|
Adjusted Temporal Score:
| 8.8
|
| Exploitability:
| High
|
Remediation Level:
| Workaround
|
Report Confidence:
| Confirmed
|
Affected Products:
| For a full list of affected versions, see references below.
|
Technical Description:
| Adobe Acrobat and Reader could allow a remote attacker to execute arbitrary code on the system, caused by an unspecified memory corruption error. By persuading a victim to open a specially-crafted PDF file, a remote attacker could exploit this vulnerability to execute arbitrary code with elevated privileges.
|
Remediation:
| At the time of publication, patches were not available. Customers can deploy security products to block exploits.
|
|
References |
|
Revision History |
1.0
| Initial publication.
|
1.1
| Clarified wording for initial signature coverage.
|
1.2
| Added link to Adobe bulletin.
|
1.3
| Added PoC coverage.
|
|
1.4
| Added new signature coverage.
|
|
1.5
| New variants were discovered, caught through the generic Proventia obfuscation signatures used to protect IBM ISS Managed Security Services customers.
|
|
View Detail more report Adobe acrobat in
shadowserver.org
more
kecoak-elektronik
في غالب الأحيان يحتاج سكان مكة المكرمة الى تنظيف وتعقيم المنازل واعمال مكافحة الحشرات ويبحثون في تلك الأثناء عن شركات متخصصة تقدم خدمات منزلية ونحن نقدم لكم نبذة عن تلك الشركات فمن اولى تلك الشركات التي تعمل في المجال شركة مكافحة حشرات بجدة للتخلص من الحشرات المنزلية الضارة وايضا توجد تلك الشركات تحت اسماء عدة شركه مكافحه حشرات بجده واليكم المهم في اعمال مكافحة الحشرات التي تهتم بها شركتنا شركة مكافحة الصراصير بجده وايضا لا ننسى ان شركة مكافحة البق بجدة لما لها من فضل كبير في اختيار نوعية المبيدات المستخدمة في اعمال التخلص من بق الفراش وكذلك يمكنك البحث عن شركات مكافحة الحشرات تحت العبارة مكافحه الحشرات بجده فهي عبارة سهلة ولكنها تفي بالغرض ولأعمال رش المبيدات الحشرية فننصحك بالتعامل مع شركة رش مبيدات بجدة وذلك لأن اعمال مكافحة الحشرات بالمنازل تتم عن طريق رش المبيدات الحشرية في المنزل والمهم ان تكون المبيدات آمنة ومضمونة