Signature Detail

HTTP: Adobe Acrobat PDF Reader JBIG2Decode Overflow

This signature detects attempts to exploit a known vulnerability in Adobe Acrobat. An attacker can create a malicious Web site with Web pages containing dangerous PDF documents, which if accessed by a victim, allows the attacker to gain control of the victim's computer.

Extended Description

Adobe Acrobat and Reader are prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code with the privileges of the user running the application or crash the application, denying service to legitimate users. The issue affects Reader and Acrobat 9, 8.1.3 and prior, and 7. UPDATE (February 24, 2009): Further reports suggest that this issue affects the vulnerable applications running on Apple Mac OS X and various Linux-based operating systems.

Affected Products

• Adobe Acrobat 7.0.0
• Adobe Acrobat 7.0.1
• Adobe Acrobat 7.0.2
• Adobe Acrobat 7.0.3
• Adobe Acrobat Professional 7.0.0
• Adobe Acrobat Professional 7.0.1
• Adobe Acrobat Professional 7.0.2
• Adobe Acrobat Professional 7.0.3
• Adobe Acrobat Professional 7.0.4
• Adobe Acrobat Professional 7.0.5
• Adobe Acrobat Professional 7.0.6
• Adobe Acrobat Professional 7.0.7
• Adobe Acrobat Professional 7.0.8
• Adobe Acrobat Professional 7.0.9
• Adobe Acrobat Professional 7.1
• Adobe Acrobat Professional 8.0
• Adobe Acrobat Professional 8.1
• Adobe Acrobat Professional 8.1.1
• Adobe Acrobat Professional 8.1.2
• Adobe Acrobat Professional 8.1.2 Security Update 1
• Adobe Acrobat Professional 8.1.3
• Adobe Acrobat Professional 9
• Adobe Acrobat Reader (UNIX) 7.0.0
• Adobe Acrobat Reader (UNIX) 7.0.1
• Adobe Acrobat Standard 7.0.0
• Adobe Acrobat Standard 7.0.1
• Adobe Acrobat Standard 7.0.2
• Adobe Acrobat Standard 7.0.3
• Adobe Acrobat Standard 7.0.4
• Adobe Acrobat Standard 7.0.5
• Adobe Acrobat Standard 7.0.6
• Adobe Acrobat Standard 7.0.7
• Adobe Acrobat Standard 7.0.8
• Adobe Acrobat Standard 7.1
• Adobe Acrobat Standard 8.0
• Adobe Acrobat Standard 8.1
• Adobe Acrobat Standard 8.1.1
• Adobe Acrobat Standard 8.1.2
• Adobe Acrobat Standard 8.1.3
• Adobe Acrobat Standard 9
• Adobe Reader 7.0.0
• Adobe Reader 7.0.1
• Adobe Reader 7.0.2
• Adobe Reader 7.0.3
• Adobe Reader 7.0.4
• Adobe Reader 7.0.5
• Adobe Reader 7.0.6
• Adobe Reader 7.0.7
• Adobe Reader 7.0.8
• Adobe Reader 7.0.9
• Adobe Reader 7.1
• Adobe Reader 8.0
• Adobe Reader 8.1
• Adobe Reader 8.1.1
• Adobe Reader 8.1.2
• Adobe Reader 8.1.2 Security Update 1
• Adobe Reader 8.1.3
• Adobe Reader 9
• Gentoo Linux
• Nortel Networks CallPilot 1002Rp
• Nortel Networks CallPilot 1005R
• Nortel Networks CallPilot 201I
• Nortel Networks CallPilot 600R
• Nortel Networks CallPilot 703T
• Nortel Networks Self-Service - CCSS7
• Nortel Networks Self-Service MPS 1000
• Nortel Networks Self-Service MPS 500
• Nortel Networks Self-Service Peri Application
• Nortel Networks Self-Service Peri Workstation
• Nortel Networks Self-Service Speech Server
• Sun Solaris 10 Sparc
• SuSE Linux Desktop 10
• SuSE Novell Linux Desktop 9.0.0
• SuSE openSUSE 10.3
• SuSE openSUSE 11.0
• SuSE openSUSE 11.1
• SuSE SUSE Linux Enterprise Desktop 10 SP2
• SuSE SUSE Linux Enterprise Desktop 11
• Turbolinux Client 2008

References

• BugTraq: 33751
• CVE: CVE-2009-0658
• URL: http://www.kb.cert.org/vuls/id/905281
• URL: http://www.adobe.com/support/security/advisories/apsa09-01.html