Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

Short Name

 HTTP:STC:DL:PDF-PRINTSEPS

Severity

 High

Recommended

 No

Recommended Action

 Drop

Category

 HTTP

Keywords

 Adobe Reader printSeps Memory Corruption

Release Date

 2010/11/29

Update Number

 1822

Supported Platforms

 idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

HTTP: Adobe Reader printSeps Memory Corruption


This signature detects attempts to exploit a known memory corruption vulnerability in Adobe Acrobat and Reader products. It is due to a design error when parsing PDF files containing a JavaScript call to the Doc.printSeps method. Remote attackers can exploit this by enticing target users to open the malicious PDF document in a vulnerable version of Adobe Reader. A successful attack allows for arbitrary code injection and execution with the privileges of the currently logged in user. If the code execution fails, the vulnerable application can terminate abnormally.

Extended Description

Adobe Reader is prone to a remote memory-corruption vulnerability. Successful exploits may allow attackers to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will result in a denial-of-service condition. Adobe Reader versions 9.4.0 and 8.1.7 are affected; other versions may also be vulnerable.

Affected Products

  • Adobe Acrobat 10.0
  • Adobe Acrobat Professional 10.0
  • Adobe Acrobat Standard 10.0
  • Adobe Reader 10.0
  • Adobe Reader 8.0
  • Adobe Reader 8.1
  • Adobe Reader 8.1.1
  • Adobe Reader 8.1.2
  • Adobe Reader 8.1.2 Security Update 1
  • Adobe Reader 8.1.3
  • Adobe Reader 8.1.4
  • Adobe Reader 8.1.5
  • Adobe Reader 8.1.6
  • Adobe Reader 8.1.7
  • Adobe Reader 8.2
  • Adobe Reader 8.2.1
  • Adobe Reader 8.2.2
  • Adobe Reader 8.2.3
  • Adobe Reader 8.2.4
  • Adobe Reader 8.2.5
  • Adobe Reader 9
  • Adobe Reader 9.1
  • Adobe Reader 9.1.1
  • Adobe Reader 9.1.2
  • Adobe Reader 9.1.3
  • Adobe Reader 9.2
  • Adobe Reader 9.3
  • Adobe Reader 9.3.1
  • Adobe Reader 9.3.2
  • Adobe Reader 9.3.3
  • Adobe Reader 9.3.4
  • Adobe Reader 9.3.4
  • Adobe Reader 9.4
  • Gentoo Linux
  • Red Hat Desktop Extras 4
  • Red Hat Enterprise Linux AS Extras 4
  • Red Hat Enterprise Linux Desktop Supplementary 5 Client
  • Red Hat Enterprise Linux Desktop Supplementary 6
  • Red Hat Enterprise Linux ES Extras 4
  • Red Hat Enterprise Linux Extras 4
  • Red Hat Enterprise Linux Server Supplementary 6
  • Red Hat Enterprise Linux Supplementary 5 Server
  • Red Hat Enterprise Linux Workstation Supplementary 6
  • Red Hat Enterprise Linux WS Extras 4
  • SuSE openSUSE 11.1
  • SuSE openSUSE 11.2
  • SuSE openSUSE 11.3
  • SuSE SUSE Linux Enterprise Desktop 10 SP3
  • SuSE SUSE Linux Enterprise Desktop 11
  • SuSE SUSE Linux Enterprise Desktop 11 SP1

References

  • BugTraq: 44638
  • CVE: CVE-2010-4091

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out