Red Hat Bugzilla – Bug 486928
CVE-2009-0658, CVE-2009-0193, CVE-2009-0928, CVE-2009-1061, CVE-2009-1062 acroread: multiple JBIG2-related security flaws
Last modified: 2010-10-23 03:50:02 EDT
Common Vulnerabilities and Exposures assigned an identifier CVE-2009-0658 to
the following vulnerability:
Buffer overflow in Adobe Reader 9.0 and earlier and Acrobat 9.0 and
earlier allows remote attackers to execute arbitrary code via a
exploited in the wild in February 2009 by Trojan.Pidief.E.
Only Adobe Reader 9.1 is now available; for Linux 8.1.3 is still the latest version.
The advisory also indicates:
"Adobe recommends users of Adobe Reader and Acrobat 9 update to Adobe Reader 9.1 and Acrobat 9.1. Adobe is planning to make available updates for Adobe Reader 7 and 8, and Acrobat 7 and 8, by March 18. In addition, Adobe plans to make available Adobe Reader 9.1 for Unix by March 25."
Updated versions of Adobe Reader 8.x and 7.x were released for Windows and Macintosh platform:
Planned release of updated packages for Unix / Linux was moved to March 24:
"Adobe now plans to make available Adobe Reader 9.1 and Adobe Reader 8.1.4 for Unix by March 24."
Updates of 8.1.4 for Linux are now available:
In addition to the iDefense issue, there are other JBIG2-related issues that the new Adobe advisory points out.
Critical vulnerabilities have been identified in Adobe Reader and Acrobat 9 and earlier versions. These vulnerabilities would cause the application to crash and could potentially allow an attacker to take control of the affected system.
Adobe recommends users of Acrobat and Adobe Reader update their product installations to versions 9.1, 8.1.4, or 7.1.1 using the instructions above to protect themselves from potential vulnerabilities.
These updates resolve the JBIG2 filter buffer overflow issue from Security Advisory APSA09-01 and Security Bulletin APSB09-03 (CVE-2009-0658)
Note: there are reports that this issue is being exploited
These updates resolve additional JBIG2 input validation issues that could potentially lead to remote code execution. (CVE-2009-0193, CVE-2009-0928, CVE-2009-1061, CVE-2009-1062)
This issue has been addressed in following products:
Extras for RHEL 3
Extras for RHEL 4
Extras for Red Hat Enterprise Linux 5
Via RHSA-2009:0376 https://rhn.redhat.com/errata/RHSA-2009-0376.html
This issue was addressed in:
Red Hat Enterprise Linux Extras: