Bug 528659 - (CVE-2009-2980, CVE-2009-2983, CVE-2009-2985, CVE-2009-2986, CVE-2009-2990, CVE-2009-2991, CVE-2009-2993, CVE-2009-2994, CVE-2009-2996, CVE-2009-2997, CVE-2009-2998, CVE-2009-3458, CVE-2009-3462) acroread: Multiple arbitrary code execution fixes in 8.1.7 (APSB09-15)
Status: CLOSED ERRATA
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Priority: urgent
Severity: urgent
Assigned To: Red Hat Product Security
URL: http://www.adobe.com/support/security...
Whiteboard: impact=critical,reported=20091013,pub...
Keywords: Security
Depends On: 528074 528075 528076
Reported: 2009-10-13 04:50 EDT by Jan Lieskovsky
Modified: 2009-10-19 11:20 EDT
Doc Type: Bug Fix
Last Closed: 2009-10-15 03:41:58 EDT
External Trackers:
  Red Hat Product Errata RHSA-2009:1499 (priority: normal, status: SHIPPED_LIVE): Critical: acroread security update, last updated 2009-10-14 11:36:28 EDT
Description Jan Lieskovsky 2009-10-13 04:50:04 EDT
Adobe has published security bulletin APSB09-15 for security issues,
leading to arbitrary code execution, that are addressed in Adobe Reader and Acrobat products:

  http://www.adobe.com/support/security/bulletins/apsb09-15.html

Quoting Adobe bulletin APSB09-15 for the issue descriptions:

  This update resolves a third party web download product that Adobe Reader 
  uses that could potentially lead to code execution (CVE-2009-2564).

  This update resolves an integer overflow that leads to a Denial of Service 
  (DoS); arbitrary code execution has not been demonstrated, but may be 
  possible (CVE-2009-2980).

  This update resolves a memory corruption issue that leads to a Denial of 
  Service (DoS); arbitrary code execution has not been demonstrated, but
  may be possible (CVE-2009-2983).

  This update resolves a memory corruption issue that could potentially
  lead to code execution (CVE-2009-2985).

  This update resolves multiple heap overflow vulnerabilities that could   
  potentially lead to code execution (CVE-2009-2986).

  This update resolves an integer overflow that could potentially lead
  to code execution (CVE-2009-2989).

  This update resolves an invalid array index issue that could potentially 
  lead to code execution (CVE-2009-2990).

  This update resolves a remote exploitation issue specific to the Mozilla 
  plug-in that could potentially allow an attacker to execute arbitrary code 
  with the privileges of the current user (CVE-2009-2991).

  This update resolves multiple input validation vulnerabilities that
  could potentially lead to code execution (CVE-2009-2993).

  This update resolves a buffer overflow issue that could potentially lead to 
  code execution (CVE-2009-2994).

  This update resolves a memory corruption issue that leads to a Denial of
  Service (DoS); arbitrary code execution has not been demonstrated, but
  may be possible (CVE-2009-2996).

  This update resolves a heap overflow vulnerability that could potentially 
  lead to code execution (CVE-2009-2997).

  This update resolves an input validation issue that could potentially
  lead to code execution (CVE-2009-2998).

  This update resolves an input validation issue that could potentially lead 
  to code execution (CVE-2009-3458).

  This update resolves a memory corruption issue that could potentially
  lead to code execution (CVE-2009-3460).

  This update resolves a Unix-only format bug when running in Debug mode
  that could lead to arbitrary code execution (CVE-2009-3462).
Comment 4 Vincent Danen 2009-10-13 20:38:09 EDT
According to the bulletin, the following CVEs only affect Acrobat, not Reader:

This update resolves an integer overflow that could potentially lead to code execution. This issue is specific to Acrobat and does not affect Adobe Reader. (CVE-2009-2989).

This update resolves a memory corruption issue that could potentially lead to code execution. This issue is specific to Acrobat and does not affect Adobe Reader. (CVE-2009-3460).
Comment 5 Tomas Hoger 2009-10-14 03:30:43 EDT
CVE-2009-2564 is for a third-party component used by Windows installer:
  http://blogs.adobe.com/psirt/2009/07/local_privilege_escalation_in.html
Comment 7 errata-xmlrpc 2009-10-14 11:36:34 EDT
This issue has been addressed in the following products:

  Extras for RHEL 3
  Extras for RHEL 4
  Extras for Red Hat Enterprise Linux 5

Via RHSA-2009:1499 https://rhn.redhat.com/errata/RHSA-2009-1499.html