Vulnerability Details : CVE-2009-0927
Public exploit exists!
Stack-based buffer overflow in Adobe Reader and Adobe Acrobat 9 before 9.1, 8 before 8.1.3, and 7 before 7.1.1 allows remote attackers to execute arbitrary code via a crafted argument to the getIcon method of a Collab object, a different vulnerability than CVE-2009-0658.
Vulnerability category: Overflow; Input validation; Execute code
CVE-2009-0927 is in the CISA Known Exploited Vulnerabilities Catalog
CISA vulnerability name:
Adobe Reader and Adobe Acrobat Stack-Based Buffer Overflow Vulnerability
CISA required action:
Apply updates per vendor instructions.
CISA description:
Stack-based buffer overflow in Adobe Reader and Adobe Acrobat allows remote attackers to execute arbitrary code.
Added on
2022-03-25
Action due date
2022-04-15
Exploit prediction scoring system (EPSS) score for CVE-2009-0927
Probability of exploitation activity in the next 30 days: 97.46%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 100 %
Metasploit modules for CVE-2009-0927
- Adobe Collab.getIcon() Buffer Overflow
  Disclosure Date: 2009-03-24; First seen: 2020-04-26; Module: exploit/windows/browser/adobe_geticon
  This module exploits a buffer overflow in Adobe Reader and Adobe Acrobat. Affected versions include < 7.1.1, < 8.1.3, and < 9.1. By creating a specially crafted pdf that contains a malformed Collab.getIcon() call, an attacker may be able to execute arbitrary code.
- Adobe Collab.getIcon() Buffer Overflow
  Disclosure Date: 2009-03-24; First seen: 2020-04-26; Module: exploit/windows/fileformat/adobe_geticon
  This module exploits a buffer overflow in Adobe Reader and Adobe Acrobat. Affected versions include < 7.1.1, < 8.1.3, and < 9.1. By creating a specially crafted pdf that contains a malformed Collab.getIcon() call, an attacker may be able to execute arbitrary code.
CVSS scores for CVE-2009-0927
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
9.3 | HIGH | AV:N/AC:M/Au:N/C:C/I:C/A:C | 8.6 | 10.0 | NIST |
CWE ids for CVE-2009-0927
- The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
  Assigned by: nvd@nist.gov (Primary)
References for CVE-2009-0927
-
http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00005.html
Mailing List;Third Party Advisory
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/49312
Third Party Advisory;VDB Entry
-
http://www.securityfocus.com/archive/1/502116/100/0/threaded
Third Party Advisory;VDB Entry
-
http://www.securityfocus.com/bid/34169
Third Party Advisory;VDB Entry
-
http://www.securitytracker.com/id?1021861
Third Party Advisory;VDB Entry
-
http://www.adobe.com/support/security/bulletins/apsb09-04.html
Adobe - Security Advisories: APSB09-04 - Security Updates available for Adobe Reader and Acrobat
Patch;Vendor Advisory
-
http://www.vupen.com/english/advisories/2009/0770
Third Party Advisory
-
http://security.gentoo.org/glsa/glsa-200904-17.xml
Third Party Advisory
-
http://sunsolve.sun.com/search/document.do?assetkey=1-66-256788-1
Broken Link
-
http://www.exploit-db.com/exploits/9579
Third Party Advisory;VDB Entry
-
http://www.vupen.com/english/advisories/2009/1019
Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html
[security-announce] SUSE Security Summary Report: SUSE-SR:2009:009 - openSUSE Security Announce - openSUSE Mailing Lists
Mailing List;Third Party Advisory
-
http://www.zerodayinitiative.com/advisories/ZDI-09-014
ZDI-09-014 | Zero Day Initiative
Third Party Advisory;VDB Entry
Products affected by CVE-2009-0927
- cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*