|
|
CVE Reference: CVE-2009-3955 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2009-3955 |
|
|
Description: Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code via a crafted JPC_MS_RGN marker in the Jp2c stream of a JpxDecode encoded data stream, which triggers an integer sign extension that bypasses a sanity check, leading to memory corruption. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/55553 SUSE http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00009.html ST 1023446 SAID Secunia Advisory: SA38215 Secunia Advisory: SA38138 REDHAT http://www.redhat.com/support/errata/RHSA-2010-0060.html OVAL http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:8255 IDEFENSE http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=836 CONFIRM http://www.adobe.com/support/security/bulletins/apsb10-02.html CERT http://www.us-cert.gov/cas/techalerts/TA10-013A.html BID 37757 |
|
| Return to the previous page. |
