Signature Detail

HTTP: Adobe Acrobat Reader U3D CLODMeshDeclaration Memory Corruption

This signature detects attempts to exploit a known vulnerability against Adobe Acrobat and Reader. A successful attack can lead to arbitrary code execution.

Extended Description

Adobe Reader and Acrobat are prone to a buffer-overflow vulnerability because the applications fail to perform adequate boundary-checks on user-supplied data. Successfully exploiting this issue may allow attackers to execute arbitrary code within the context of the affected applications. Failed exploit attempts will result in a denial-of-service condition. This issue affects versions *prior to* Reader and Acrobat 7.1.4, 8.1.7, and 9.2. This issue was previously covered in BID 36638 (Adobe Reader and Acrobat October 2009 Multiple Remote Vulnerabilities), but has been given its own record to better document it.

Affected Products

• Adobe Acrobat 7.0.0
• Adobe Acrobat 7.0.1
• Adobe Acrobat 7.0.2
• Adobe Acrobat 7.0.3
• Adobe Acrobat 9.1.1
• Adobe Acrobat 3D 8.1.2
• Adobe Acrobat 3D 8.1.3
• Adobe Acrobat 3D
• Adobe Acrobat Professional 7.0.0
• Adobe Acrobat Professional 7.0.1
• Adobe Acrobat Professional 7.0.2
• Adobe Acrobat Professional 7.0.3
• Adobe Acrobat Professional 7.0.4
• Adobe Acrobat Professional 7.0.5
• Adobe Acrobat Professional 7.0.6
• Adobe Acrobat Professional 7.0.7
• Adobe Acrobat Professional 7.0.8
• Adobe Acrobat Professional 7.0.9
• Adobe Acrobat Professional 7.1
• Adobe Acrobat Professional 7.1.1
• Adobe Acrobat Professional 7.1.3
• Adobe Acrobat Professional 8.0
• Adobe Acrobat Professional 8.1
• Adobe Acrobat Professional 8.1.1
• Adobe Acrobat Professional 8.1.2
• Adobe Acrobat Professional 8.1.2 Security Update 1
• Adobe Acrobat Professional 8.1.3
• Adobe Acrobat Professional 8.1.4
• Adobe Acrobat Professional 8.1.6
• Adobe Acrobat Professional 9
• Adobe Acrobat Professional 9.1
• Adobe Acrobat Professional 9.1.2
• Adobe Acrobat Professional 9.1.3
• Adobe Acrobat Reader (UNIX) 7.0.0
• Adobe Acrobat Reader (UNIX) 7.0.1
• Adobe Acrobat Standard 7.0.0
• Adobe Acrobat Standard 7.0.1
• Adobe Acrobat Standard 7.0.2
• Adobe Acrobat Standard 7.0.3
• Adobe Acrobat Standard 7.0.4
• Adobe Acrobat Standard 7.0.5
• Adobe Acrobat Standard 7.0.6
• Adobe Acrobat Standard 7.0.7
• Adobe Acrobat Standard 7.0.8
• Adobe Acrobat Standard 7.1
• Adobe Acrobat Standard 7.1.1
• Adobe Acrobat Standard 7.1.3
• Adobe Acrobat Standard 8.0
• Adobe Acrobat Standard 8.1
• Adobe Acrobat Standard 8.1.1
• Adobe Acrobat Standard 8.1.2
• Adobe Acrobat Standard 8.1.3
• Adobe Acrobat Standard 8.1.4
• Adobe Acrobat Standard 8.1.6
• Adobe Acrobat Standard 9
• Adobe Acrobat Standard 9.1
• Adobe Acrobat Standard 9.1.2
• Adobe Acrobat Standard 9.1.3
• Adobe Reader 7.0.0
• Adobe Reader 7.0.1
• Adobe Reader 7.0.2
• Adobe Reader 7.0.3
• Adobe Reader 7.0.4
• Adobe Reader 7.0.5
• Adobe Reader 7.0.6
• Adobe Reader 7.0.7
• Adobe Reader 7.0.8
• Adobe Reader 7.0.9
• Adobe Reader 7.1
• Adobe Reader 7.1.1
• Adobe Reader 7.1.2
• Adobe Reader 7.1.3
• Adobe Reader 8.0
• Adobe Reader 8.1
• Adobe Reader 8.1.1
• Adobe Reader 8.1.2
• Adobe Reader 8.1.2 Security Update 1
• Adobe Reader 8.1.3
• Adobe Reader 8.1.4
• Adobe Reader 8.1.5
• Adobe Reader 8.1.6
• Adobe Reader 9
• Adobe Reader 9.1
• Adobe Reader 9.1.1
• Adobe Reader 9.1.2
• Adobe Reader 9.1.3
• Gentoo Linux
• Red Hat Desktop Extras 3
• Red Hat Desktop Extras 4
• Red Hat Enterprise Linux AS Extras 3
• Red Hat Enterprise Linux AS Extras 4
• Red Hat Enterprise Linux Desktop Supplementary 5 Client
• Red Hat Enterprise Linux ES Extras 3
• Red Hat Enterprise Linux ES Extras 4
• Red Hat Enterprise Linux Extras 3
• Red Hat Enterprise Linux Extras 4
• Red Hat Enterprise Linux Supplementary 5 Server
• Red Hat Enterprise Linux WS Extras 3
• Red Hat Enterprise Linux WS Extras 4
• Sun Solaris 10 Sparc
• SuSE openSUSE 10.3
• SuSE openSUSE 11.0
• SuSE openSUSE 11.1
• SuSE SUSE Linux Enterprise Desktop 10 SP2
• SuSE SUSE Linux Enterprise Desktop 10 SP3
• SuSE SUSE Linux Enterprise Desktop 11

References

• BugTraq: 36689
• CVE: CVE-2009-2994