Juniper Networks

Signature Detail

Short Name: HTTP:STC:ACTIVEX:ADOBE-DL-MGR
Severity: High
Recommended: No
Recommended Action: Drop
Category: HTTP
Keywords: Adobe Download Manager getPlus ActiveX Control Buffer Overflow
Release Date: 2010/10/13
Update Number: 1791
Supported Platforms: idp-4.0.110090709+, isg-3.1.134269+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

HTTP: Adobe Download Manager getPlus ActiveX Control Buffer Overflow


A stack buffer overflow vulnerability exists in Adobe Download Manager that can allow arbitrary code execution. Remote attackers can exploit this vulnerability by enticing affected users to open a malicious web page in a vulnerable version of the product. In a sophisticated attack where code injection is successful, the behaviour of the target host is entirely dependent on the intended function of the injected code. The injected code, in this case, would execute within the security context of the currently logged-in user. In an attack case where code injection is not successful, the web browser can terminate abnormally.

Extended Description

NOS Microsystems getPlus Helper ActiveX control is prone to multiple stack-based buffer-overflow vulnerabilities. Successful exploits may allow the attacker to execute arbitrary code in the context of a user running the affected application. Failed attempts will likely result in denial-of-service conditions.

NOTE: This issue was previously covered in BID 37667 (Adobe Acrobat and Reader January 2010 Multiple Remote Vulnerabilities), but has been given its own record to better document it.

NOTE (January 13, 2010): This issue was previously titled 'Adobe Reader and Acrobat Download Manager Remote Code Execution Vulnerability', but has been renamed to properly identify the root vulnerable software.

Affected Products

  • Adobe Acrobat 9.1.1
  • Adobe Acrobat 9.2
  • Adobe Acrobat Professional 8.0
  • Adobe Acrobat Professional 8.1
  • Adobe Acrobat Professional 8.1.1
  • Adobe Acrobat Professional 8.1.2
  • Adobe Acrobat Professional 8.1.2 Security Update 1
  • Adobe Acrobat Professional 8.1.3
  • Adobe Acrobat Professional 8.1.4
  • Adobe Acrobat Professional 8.1.6
  • Adobe Acrobat Professional 8.1.7
  • Adobe Acrobat Professional 9
  • Adobe Acrobat Professional 9.1
  • Adobe Acrobat Professional 9.1.2
  • Adobe Acrobat Professional 9.1.3
  • Adobe Acrobat Professional 9.2
  • Adobe Acrobat Standard 8.0
  • Adobe Acrobat Standard 8.1
  • Adobe Acrobat Standard 8.1.1
  • Adobe Acrobat Standard 8.1.2
  • Adobe Acrobat Standard 8.1.3
  • Adobe Acrobat Standard 8.1.4
  • Adobe Acrobat Standard 8.1.6
  • Adobe Acrobat Standard 8.1.7
  • Adobe Acrobat Standard 9
  • Adobe Acrobat Standard 9.1
  • Adobe Acrobat Standard 9.1.2
  • Adobe Acrobat Standard 9.1.3
  • Adobe Acrobat Standard 9.2
  • Adobe Reader 8.0
  • Adobe Reader 8.1
  • Adobe Reader 8.1.1
  • Adobe Reader 8.1.2
  • Adobe Reader 8.1.2 Security Update 1
  • Adobe Reader 8.1.3
  • Adobe Reader 8.1.4
  • Adobe Reader 8.1.5
  • Adobe Reader 8.1.6
  • Adobe Reader 8.1.7
  • Adobe Reader 9
  • Adobe Reader 9.1
  • Adobe Reader 9.1.1
  • Adobe Reader 9.1.2
  • Adobe Reader 9.1.3
  • Adobe Reader 9.2
  • Nortel Networks CallPilot 1002Rp
  • Nortel Networks CallPilot 1005R
  • Nortel Networks CallPilot 200I
  • Nortel Networks CallPilot 201I
  • Nortel Networks CallPilot 600R
  • Nortel Networks CallPilot 703T
  • Nortel Networks Self-Service Media Processing Server
  • Nortel Networks Self-Service MPS 1000
  • Nortel Networks Self-Service MPS 500
  • Nortel Networks Self-Service Peri Application
  • Nortel Networks Self-Service Speech Server
  • NOS Microsystems getPlus Helper ActiveX control
  • SuSE openSUSE 11.0
  • SuSE openSUSE 11.1
  • SuSE openSUSE 11.2
  • SuSE SUSE Linux Enterprise 10 SP2
  • SuSE SUSE Linux Enterprise 10 SP3
  • SuSE SUSE Linux Enterprise Desktop 11

References

  • BugTraq: 37759
  • CVE: CVE-2009-3958

Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.