Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

This site is deprecated. Please CLICK HERE for latest updates

Short Name

 HTTP:STC:ADOBE:PDF-FONT

Severity

 Major

Recommended

 No

Recommended Action

 Drop

Category

 HTTP

Keywords

 Adobe Acrobat PDF Font Overflow

Release Date

 2010/10/15

Update Number

 1794

Supported Platforms

 idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+

HTTP: Adobe Acrobat PDF Font Overflow


This signature detects attempts to exploit a known vulnerability in Adobe Acrobat PDF Font Processing. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the user.

Extended Description

Adobe Acrobat and Reader are prone to multiple security vulnerabilities: 1. Multiple remote code-execution vulnerabilities. 2. A privilege-escalation vulnerability affecting computers running Unix-like operating systems. 3. An input-validation issue in a JavaScript method may lead to remote code execution. Attackers can exploit these issues to execute arbitrary code, elevate privileges, or cause a denial-of-service condition.

Affected Products

  • Adobe acrobat_3d 8.1.2
  • Adobe acrobat_professional 7.0.0
  • Adobe acrobat_professional 7.0.1
  • Adobe acrobat_professional 7.0.2
  • Adobe acrobat_professional 7.0.3
  • Adobe acrobat_professional 7.0.4
  • Adobe acrobat_professional 7.0.5
  • Adobe acrobat_professional 7.0.6
  • Adobe acrobat_professional 7.0.7
  • Adobe acrobat_professional 7.0.8
  • Adobe acrobat_professional 7.0.9
  • Adobe acrobat_professional 7.1
  • Adobe acrobat_professional 8.0
  • Adobe acrobat_professional 8.1
  • Adobe acrobat_professional 8.1.1
  • Adobe acrobat_professional 8.1.2
  • Adobe acrobat_professional 8.1.2 Security Update 1
  • Adobe acrobat_standard 7.0.0
  • Adobe acrobat_standard 7.0.1
  • Adobe acrobat_standard 7.0.2
  • Adobe acrobat_standard 7.0.3
  • Adobe acrobat_standard 7.0.4
  • Adobe acrobat_standard 7.0.5
  • Adobe acrobat_standard 7.0.6
  • Adobe acrobat_standard 7.0.7
  • Adobe acrobat_standard 7.0.8
  • Adobe acrobat_standard 7.1
  • Adobe acrobat_standard 8.0
  • Adobe acrobat_standard 8.1
  • Adobe acrobat_standard 8.1.1
  • Adobe acrobat_standard 8.1.2
  • Adobe reader 7.0.0
  • Adobe reader 7.0.1
  • Adobe reader 7.0.2
  • Adobe reader 7.0.3
  • Adobe reader 7.0.4
  • Adobe reader 7.0.5
  • Adobe reader 7.0.6
  • Adobe reader 7.0.7
  • Adobe reader 7.0.8
  • Adobe reader 7.0.9
  • Adobe reader 7.1
  • Adobe reader 8.0
  • Adobe reader 8.1
  • Adobe reader 8.1.1
  • Adobe reader 8.1.2
  • Adobe reader 8.1.2 Security Update 1
  • Avaya interactive_response 2.0
  • Avaya interactive_response 3.0
  • Gentoo linux
  • Nortel_networks callpilot 1002Rp
  • Nortel_networks callpilot 1005R
  • Nortel_networks callpilot 201I
  • Nortel_networks callpilot 600R
  • Nortel_networks callpilot 703T
  • Nortel_networks self-service-ccss7
  • Nortel_networks self-service_mps_1000
  • Nortel_networks self-service_mps_500
  • Nortel_networks self-service_peri_application
  • Nortel_networks self-service_peri_workstation
  • Nortel_networks self-service_speech_server
  • Red_hat enterprise_linux_desktop_supplementary 5 Client
  • Red_hat enterprise_linux_es_extras 3
  • Red_hat enterprise_linux_es_extras 4
  • Red_hat enterprise_linux_supplementary 5 Server
  • Sun solaris 10 Sparc
  • Suse linux 10.0 Ppc
  • Suse linux 10.0 X86
  • Suse linux 10.0 X86-64
  • Suse linux 10.1 Ppc
  • Suse linux 10.1 ppc64
  • Suse linux 10.1 X86
  • Suse linux 10.1 X86-64
  • Suse linux_personal 10.0.0 OSS
  • Suse linux_personal 10.1
  • Suse linux_personal 10.2
  • Suse linux_personal 10.2 X86 64
  • Suse linux_professional 10.0.0
  • Suse linux_professional 10.0.0 OSS
  • Suse linux_professional 10.1
  • Suse linux_professional 10.2
  • Suse linux_professional 10.2 X86 64
  • Suse novell_linux_desktop 9.0.0
  • Suse novell_linux_desktop_sdk 9.0.0
  • Suse open-enterprise-server 1
  • Suse open-enterprise-server 9.0.0
  • Suse open-enterprise-server
  • Suse opensuse 10.1
  • Suse opensuse 10.2
  • Suse opensuse 10.3
  • Suse opensuse 11.0
  • Suse suse_linux_enterprise 10 SP1 DEBUGINFO
  • Suse suse_linux_enterprise 10 SP2 DEBUGINFO
  • Suse suse_linux_enterprise_desktop 10
  • Suse suse_linux_enterprise_desktop 10 SP1
  • Suse suse_linux_enterprise_desktop 10 SP2
  • Suse suse_linux_enterprise_sdk 10
  • Suse suse_linux_enterprise_sdk 10 SP1
  • Suse suse_linux_enterprise_server 10
  • Suse suse_linux_enterprise_server 10 SP1
  • Suse suse_linux_enterprise_server 10 SP2
  • Suse suse_linux_enterprise_server 9
  • Suse suse_linux_enterprise_server 9 SP3
  • Suse suse_linux_enterprise_server_rt_solution_10
  • Suse suse_linux_openexchange_server 4.0.0
  • Suse suse_linux_open-xchange 4.1.0
  • Suse suse_linux_retail_solution 8.0.0
  • Suse suse_linux_school_server_for_i386
  • Suse unitedlinux 1.0.0

References

  • BugTraq: 32100
  • CVE: CVE-2008-4813

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out