Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

Short Name

 HTTP:STC:ADOBE:PDF-FONT

Severity

 High

Recommended

 No

Recommended Action

 Drop

Category

 HTTP

Keywords

 Adobe Acrobat PDF Font Overflow

Release Date

 2010/10/15

Update Number

 1794

Supported Platforms

 idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

HTTP: Adobe Acrobat PDF Font Overflow


This signature detects attempts to exploit a known vulnerability in Adobe Acrobat PDF Font Processing. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the user.

Extended Description

Adobe Acrobat and Reader are prone to multiple security vulnerabilities: 1. Multiple remote code-execution vulnerabilities. 2. A privilege-escalation vulnerability affecting computers running Unix-like operating systems. 3. An input-validation issue in a JavaScript method may lead to remote code execution. Attackers can exploit these issues to execute arbitrary code, elevate privileges, or cause a denial-of-service condition.

Affected Products

  • Adobe Acrobat 3D 8.1.2
  • Adobe Acrobat Professional 7.0.0
  • Adobe Acrobat Professional 7.0.1
  • Adobe Acrobat Professional 7.0.2
  • Adobe Acrobat Professional 7.0.3
  • Adobe Acrobat Professional 7.0.4
  • Adobe Acrobat Professional 7.0.5
  • Adobe Acrobat Professional 7.0.6
  • Adobe Acrobat Professional 7.0.7
  • Adobe Acrobat Professional 7.0.8
  • Adobe Acrobat Professional 7.0.9
  • Adobe Acrobat Professional 7.1
  • Adobe Acrobat Professional 8.0
  • Adobe Acrobat Professional 8.1
  • Adobe Acrobat Professional 8.1.1
  • Adobe Acrobat Professional 8.1.2
  • Adobe Acrobat Professional 8.1.2 Security Update 1
  • Adobe Acrobat Standard 7.0.0
  • Adobe Acrobat Standard 7.0.1
  • Adobe Acrobat Standard 7.0.2
  • Adobe Acrobat Standard 7.0.3
  • Adobe Acrobat Standard 7.0.4
  • Adobe Acrobat Standard 7.0.5
  • Adobe Acrobat Standard 7.0.6
  • Adobe Acrobat Standard 7.0.7
  • Adobe Acrobat Standard 7.0.8
  • Adobe Acrobat Standard 7.1
  • Adobe Acrobat Standard 8.0
  • Adobe Acrobat Standard 8.1
  • Adobe Acrobat Standard 8.1.1
  • Adobe Acrobat Standard 8.1.2
  • Adobe Reader 7.0.0
  • Adobe Reader 7.0.1
  • Adobe Reader 7.0.2
  • Adobe Reader 7.0.3
  • Adobe Reader 7.0.4
  • Adobe Reader 7.0.5
  • Adobe Reader 7.0.6
  • Adobe Reader 7.0.7
  • Adobe Reader 7.0.8
  • Adobe Reader 7.0.9
  • Adobe Reader 7.1
  • Adobe Reader 8.0
  • Adobe Reader 8.1
  • Adobe Reader 8.1.1
  • Adobe Reader 8.1.2
  • Adobe Reader 8.1.2 Security Update 1
  • Avaya Interactive Response 2.0
  • Avaya Interactive Response 3.0
  • Gentoo Linux
  • Nortel Networks CallPilot 1002Rp
  • Nortel Networks CallPilot 1005R
  • Nortel Networks CallPilot 201I
  • Nortel Networks CallPilot 600R
  • Nortel Networks CallPilot 703T
  • Nortel Networks Self-Service - CCSS7
  • Nortel Networks Self-Service MPS 1000
  • Nortel Networks Self-Service MPS 500
  • Nortel Networks Self-Service Peri Application
  • Nortel Networks Self-Service Peri Workstation
  • Nortel Networks Self-Service Speech Server
  • Red Hat Enterprise Linux Desktop Supplementary 5 Client
  • Red Hat Enterprise Linux ES Extras 3
  • Red Hat Enterprise Linux ES Extras 4
  • Red Hat Enterprise Linux Supplementary 5 Server
  • Sun Solaris 10 Sparc
  • SuSE Linux 10.0 Ppc
  • SuSE Linux 10.0 X86
  • SuSE Linux 10.0 X86-64
  • SuSE Linux 10.1 Ppc
  • SuSE Linux 10.1 ppc64
  • SuSE Linux 10.1 X86
  • SuSE Linux 10.1 X86-64
  • SuSE Linux Personal 10.0.0 OSS
  • SuSE Linux Personal 10.1
  • SuSE Linux Personal 10.2
  • SuSE Linux Personal 10.2 X86 64
  • SuSE Linux Professional 10.0.0
  • SuSE Linux Professional 10.0.0 OSS
  • SuSE Linux Professional 10.1
  • SuSE Linux Professional 10.2
  • SuSE Linux Professional 10.2 X86 64
  • SuSE Novell Linux Desktop 9.0.0
  • SuSE Novell Linux Desktop SDK 9.0.0
  • SuSE Open-Enterprise-Server 1
  • SuSE Open-Enterprise-Server 9.0.0
  • SuSE Open-Enterprise-Server
  • SuSE openSUSE 10.1
  • SuSE openSUSE 10.2
  • SuSE openSUSE 10.3
  • SuSE openSUSE 11.0
  • SuSE SUSE Linux Enterprise 10 SP1 DEBUGINFO
  • SuSE SUSE Linux Enterprise 10 SP2 DEBUGINFO
  • SuSE SUSE Linux Enterprise Desktop 10
  • SuSE SUSE Linux Enterprise Desktop 10 SP1
  • SuSE SUSE Linux Enterprise Desktop 10 SP2
  • SuSE SUSE Linux Enterprise SDK 10
  • SuSE SUSE Linux Enterprise SDK 10 SP1
  • SuSE SUSE Linux Enterprise Server 10
  • SuSE SUSE Linux Enterprise Server 10 SP1
  • SuSE SUSE Linux Enterprise Server 10 SP2
  • SuSE SUSE Linux Enterprise Server 9
  • SuSE SUSE Linux Enterprise Server 9 SP3
  • SuSE SUSE Linux Enterprise Server RT Solution 10
  • SuSE SuSE Linux Openexchange Server 4.0.0
  • SuSE SuSE Linux Open-Xchange 4.1.0
  • SuSE SUSE LINUX Retail Solution 8.0.0
  • SuSE SuSE Linux School Server for i386
  • SuSE UnitedLinux 1.0.0

References

  • BugTraq: 32100
  • CVE: CVE-2008-4813

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out