Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

This site is deprecated. Please CLICK HERE for latest updates

Short Name

 HTTP:STC:ADOBE:ACROBAT-GETICON

Severity

 Major

Recommended

 No

Recommended Action

 Drop

Category

 HTTP

Keywords

 Adobe Acrobat JavaScript getIcon Method Buffer Overflow

Release Date

 2011/07/18

Update Number

 1956

Supported Platforms

 idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+

HTTP: Adobe Acrobat JavaScript getIcon Method Buffer Overflow


This signature detects attempts to exploit a known vulnerability in the Adobe Acrobat. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the Server.

Extended Description

Adobe Acrobat and Reader are prone to a remote code-execution vulnerability because the software fails to sufficiently sanitize user-supplied input. An attacker can exploit this issue to execute arbitrary code with the privileges of the user running the application or crash the application, denying service to legitimate users. The issue affects the following: Reader and Acrobat 7.1 and prior Reader and Acrobat 8.1.2 and prior Reader and Acrobat 9 UPDATE (March 24, 2009): This BID was previously titled 'Adobe Acrobat and Reader Unspecified JavaScript Method Remote Code Execution Vulnerability', but has been updated to better document the issue.

Affected Products

  • Adobe acrobat_professional 7.0.0
  • Adobe acrobat_professional 7.0.1
  • Adobe acrobat_professional 7.0.2
  • Adobe acrobat_professional 7.0.3
  • Adobe acrobat_professional 7.0.4
  • Adobe acrobat_professional 7.0.5
  • Adobe acrobat_professional 7.0.6
  • Adobe acrobat_professional 7.0.7
  • Adobe acrobat_professional 7.0.8
  • Adobe acrobat_professional 7.0.9
  • Adobe acrobat_professional 7.1
  • Adobe acrobat_professional 8.0
  • Adobe acrobat_professional 8.1
  • Adobe acrobat_professional 8.1.1
  • Adobe acrobat_professional 8.1.2
  • Adobe acrobat_professional 8.1.2 Security Update 1
  • Adobe acrobat_professional 9
  • Adobe acrobat_standard 7.0.0
  • Adobe acrobat_standard 7.0.1
  • Adobe acrobat_standard 7.0.2
  • Adobe acrobat_standard 7.0.3
  • Adobe acrobat_standard 7.0.4
  • Adobe acrobat_standard 7.0.5
  • Adobe acrobat_standard 7.0.6
  • Adobe acrobat_standard 7.0.7
  • Adobe acrobat_standard 7.0.8
  • Adobe acrobat_standard 7.1
  • Adobe acrobat_standard 8.0
  • Adobe acrobat_standard 8.1
  • Adobe acrobat_standard 8.1.1
  • Adobe acrobat_standard 8.1.2
  • Adobe acrobat_standard 9
  • Adobe reader 7.0.0
  • Adobe reader 7.0.1
  • Adobe reader 7.0.2
  • Adobe reader 7.0.3
  • Adobe reader 7.0.4
  • Adobe reader 7.0.5
  • Adobe reader 7.0.6
  • Adobe reader 7.0.7
  • Adobe reader 7.0.8
  • Adobe reader 7.0.9
  • Adobe reader 7.1
  • Adobe reader 8.0
  • Adobe reader 8.1
  • Adobe reader 8.1.1
  • Adobe reader 8.1.2
  • Adobe reader 8.1.2 Security Update 1
  • Adobe reader 9
  • Gentoo linux
  • Nortel_networks self-service-ccss7
  • Nortel_networks self-service_mps_1000
  • Nortel_networks self-service_peri_application
  • Nortel_networks self-service_peri_workstation
  • Sun solaris 10 Sparc
  • Suse linux_desktop 10
  • Suse novell_linux_desktop 9.0.0
  • Suse opensuse 10.3
  • Suse opensuse 11.0
  • Suse opensuse 11.1
  • Suse suse_linux_enterprise_desktop 10 SP2
  • Suse suse_linux_enterprise_desktop 11

References

  • BugTraq: 34169
  • CVE: CVE-2009-0927

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out