CVE-2009-4324 - Vulnerability Details

Use-after-free vulnerability in the Doc.media.newPlayer method in Multimedia.api in Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code via a crafted PDF file using ZLib compressed streams, as exploited in the wild in December 2009.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:M/Au:N/C:C/I:C/A:C

This CVE is in the KEV database since June 8, 2022.

Exploitation active

Automatable no

Technical Impact total

Vendors	Products
Adobe	Acrobat Acrobat Reader
Apple	Mac Os X
Microsoft	Windows
Opensuse	Opensuse
Redhat	Rhel Extras
Suse	Linux Enterprise Linux Enterprise Debuginfo

Configuration 1 [-]

AND

OR	cpe:2.3:a:adobe:acrobat::::::::
	cpe:2.3:a:adobe:acrobat::::::::
	cpe:2.3:a:adobe:acrobat_reader::::::::
	cpe:2.3:a:adobe:acrobat_reader::::::::

OR	cpe:2.3:o:apple:mac_os_x:-:::::::*
	cpe:2.3:o:microsoft:windows:-:::::::*

Configuration 2 [-]

OR	cpe:2.3:a:suse:linux_enterprise_debuginfo:11:-::::::
	cpe:2.3:o:opensuse:opensuse:11.1:::::::*
	cpe:2.3:o:opensuse:opensuse:11.2:::::::*
	cpe:2.3:o:suse:linux_enterprise:10.0:sp2::::::
	cpe:2.3:o:suse:linux_enterprise:10.0:sp3::::::

Package	CPE	Advisory	Released Date
Extras for RHEL 3
acroread-0:9.3-3	cpe:/a:redhat:rhel_extras:3	RHSA-2010:0060	2010-01-20T00:00:00Z
Extras for RHEL 4
acroread-0:9.3-1.el4	cpe:/a:redhat:rhel_extras:4	RHSA-2010:0038	2010-01-13T00:00:00Z
Supplementary for Red Hat Enterprise Linux 5
acroread-0:9.3-1.el5	cpe:/a:redhat:rhel_extras:5	RHSA-2010:0037	2010-01-13T00:00:00Z

References

Link	Providers
http://blogs.adobe.com/psirt/2009/12/new_adobe_reader_and_acrobat_v.html
http://contagiodump.blogspot.com/2009/12/virustotal-httpwww.html
http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00009.html
http://osvdb.org/60980
http://secunia.com/advisories/37690
http://secunia.com/advisories/38138
http://secunia.com/advisories/38215
http://www.adobe.com/support/security/advisories/apsa09-07.html
http://www.adobe.com/support/security/bulletins/apsb10-02.html
http://www.kb.cert.org/vuls/id/508357
http://www.metasploit.com/redmine/projects/framework/repository/revisions/7881/entry/modules/exploits/windows/fileformat/adobe_media_newplayer.rb
http://www.redhat.com/support/errata/RHSA-2010-0060.html
http://www.securityfocus.com/bid/37331
http://www.shadowserver.org/wiki/pmwiki.php/Calendar/20091214
http://www.symantec.com/connect/blogs/zero-day-xmas-present
http://www.us-cert.gov/cas/techalerts/TA10-013A.html
http://www.vupen.com/english/advisories/2009/3518
http://www.vupen.com/english/advisories/2010/0103
https://bugzilla.redhat.com/show_bug.cgi?id=547799
https://exchange.xforce.ibmcloud.com/vulnerabilities/54747
https://nvd.nist.gov/vuln/detail/CVE-2009-4324
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6795
https://www.cisa.gov/known-exploited-vulnerabilities-catalog
https://www.cve.org/CVERecord?id=CVE-2009-4324

History

Tue, 04 Feb 2025 22:15:00 +0000

Type	Values Removed	Values Added
Metrics		kev `{'dateAdded': '2022-06-08'}` ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'active', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Tue, 13 Aug 2024 23:15:00 +0000

Type	Values Removed	Values Added
References		https://www.cisa.gov/known-exploited-vulnerabilities-catalog

MITRE

Status: PUBLISHED

Assigner: adobe

Published: 2009-12-15T02:00:00.000Z

Updated: 2025-02-04T21:45:19.338Z

Reserved: 2009-12-14T00:00:00.000Z

Link: CVE-2009-4324

Vulnrichment

Updated: 2024-08-07T07:01:20.249Z

NVD

Status : Deferred

Published: 2009-12-15T02:30:00.217

Modified: 2025-04-09T00:30:58.490

Link: CVE-2009-4324

Redhat

Severity : Critical

Publid Date: 2009-12-14T00:00:00Z

Links: CVE-2009-4324 - Bugzilla

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2009-12-14T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "Use-after-free vulnerability in the Doc.media.newPlayer method in Multimedia.api in Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code via a crafted PDF file using ZLib compressed streams, as exploited in the wild in December 2009."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-09-18T12:57:01.000Z", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe"}, "references": [{"name": "37331", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/37331"}, {"tags": ["x_refsource_MISC"], "url": "http://blogs.adobe.com/psirt/2009/12/new_adobe_reader_and_acrobat_v.html"}, {"name": "37690", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/37690"}, {"name": "38138", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/38138"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=547799"}, {"name": "60980", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/60980"}, {"name": "VU#508357", "tags": ["third-party-advisory", "x_refsource_CERT-VN"], "url": "http://www.kb.cert.org/vuls/id/508357"}, {"name": "acro-reader-unspecifed-code-execution(54747)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54747"}, {"name": "ADV-2009-3518", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2009/3518"}, {"tags": ["x_refsource_MISC"], "url": "http://www.metasploit.com/redmine/projects/framework/repository/revisions/7881/entry/modules/exploits/windows/fileformat/adobe_media_newplayer.rb"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.adobe.com/support/security/bulletins/apsb10-02.html"}, {"name": "oval:org.mitre.oval:def:6795", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6795"}, {"name": "RHSA-2010:0060", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://www.redhat.com/support/errata/RHSA-2010-0060.html"}, {"tags": ["x_refsource_MISC"], "url": "http://contagiodump.blogspot.com/2009/12/virustotal-httpwww.html"}, {"name": "ADV-2010-0103", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2010/0103"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.adobe.com/support/security/advisories/apsa09-07.html"}, {"tags": ["x_refsource_MISC"], "url": "http://www.symantec.com/connect/blogs/zero-day-xmas-present"}, {"tags": ["x_refsource_MISC"], "url": "http://www.shadowserver.org/wiki/pmwiki.php/Calendar/20091214"}, {"name": "38215", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/38215"}, {"name": "SUSE-SA:2010:008", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00009.html"}, {"name": "TA10-013A", "tags": ["third-party-advisory", "x_refsource_CERT"], "url": "http://www.us-cert.gov/cas/techalerts/TA10-013A.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@adobe.com", "ID": "CVE-2009-4324", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Use-after-free vulnerability in the Doc.media.newPlayer method in Multimedia.api in Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code via a crafted PDF file using ZLib compressed streams, as exploited in the wild in December 2009."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "37331", "refsource": "BID", "url": "http://www.securityfocus.com/bid/37331"}, {"name": "http://blogs.adobe.com/psirt/2009/12/new_adobe_reader_and_acrobat_v.html", "refsource": "MISC", "url": "http://blogs.adobe.com/psirt/2009/12/new_adobe_reader_and_acrobat_v.html"}, {"name": "37690", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/37690"}, {"name": "38138", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/38138"}, {"name": "https://bugzilla.redhat.com/show_bug.cgi?id=547799", "refsource": "CONFIRM", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=547799"}, {"name": "60980", "refsource": "OSVDB", "url": "http://osvdb.org/60980"}, {"name": "VU#508357", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/508357"}, {"name": "acro-reader-unspecifed-code-execution(54747)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54747"}, {"name": "ADV-2009-3518", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2009/3518"}, {"name": "http://www.metasploit.com/redmine/projects/framework/repository/revisions/7881/entry/modules/exploits/windows/fileformat/adobe_media_newplayer.rb", "refsource": "MISC", "url": "http://www.metasploit.com/redmine/projects/framework/repository/revisions/7881/entry/modules/exploits/windows/fileformat/adobe_media_newplayer.rb"}, {"name": "http://www.adobe.com/support/security/bulletins/apsb10-02.html", "refsource": "CONFIRM", "url": "http://www.adobe.com/support/security/bulletins/apsb10-02.html"}, {"name": "oval:org.mitre.oval:def:6795", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6795"}, {"name": "RHSA-2010:0060", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2010-0060.html"}, {"name": "http://contagiodump.blogspot.com/2009/12/virustotal-httpwww.html", "refsource": "MISC", "url": "http://contagiodump.blogspot.com/2009/12/virustotal-httpwww.html"}, {"name": "ADV-2010-0103", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2010/0103"}, {"name": "http://www.adobe.com/support/security/advisories/apsa09-07.html", "refsource": "CONFIRM", "url": "http://www.adobe.com/support/security/advisories/apsa09-07.html"}, {"name": "http://www.symantec.com/connect/blogs/zero-day-xmas-present", "refsource": "MISC", "url": "http://www.symantec.com/connect/blogs/zero-day-xmas-present"}, {"name": "http://www.shadowserver.org/wiki/pmwiki.php/Calendar/20091214", "refsource": "MISC", "url": "http://www.shadowserver.org/wiki/pmwiki.php/Calendar/20091214"}, {"name": "38215", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/38215"}, {"name": "SUSE-SA:2010:008", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00009.html"}, {"name": "TA10-013A", "refsource": "CERT", "url": "http://www.us-cert.gov/cas/techalerts/TA10-013A.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T07:01:20.249Z"}, "title": "CVE Program Container", "references": [{"name": "37331", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/37331"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://blogs.adobe.com/psirt/2009/12/new_adobe_reader_and_acrobat_v.html"}, {"name": "37690", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/37690"}, {"name": "38138", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/38138"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=547799"}, {"name": "60980", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/60980"}, {"name": "VU#508357", "tags": ["third-party-advisory", "x_refsource_CERT-VN", "x_transferred"], "url": "http://www.kb.cert.org/vuls/id/508357"}, {"name": "acro-reader-unspecifed-code-execution(54747)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54747"}, {"name": "ADV-2009-3518", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2009/3518"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.metasploit.com/redmine/projects/framework/repository/revisions/7881/entry/modules/exploits/windows/fileformat/adobe_media_newplayer.rb"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.adobe.com/support/security/bulletins/apsb10-02.html"}, {"name": "oval:org.mitre.oval:def:6795", "tags": ["vdb-entry", "signature", "x_refsource_OVAL", "x_transferred"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6795"}, {"name": "RHSA-2010:0060", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://www.redhat.com/support/errata/RHSA-2010-0060.html"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://contagiodump.blogspot.com/2009/12/virustotal-httpwww.html"}, {"name": "ADV-2010-0103", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2010/0103"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.adobe.com/support/security/advisories/apsa09-07.html"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.symantec.com/connect/blogs/zero-day-xmas-present"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.shadowserver.org/wiki/pmwiki.php/Calendar/20091214"}, {"name": "38215", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/38215"}, {"name": "SUSE-SA:2010:008", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00009.html"}, {"name": "TA10-013A", "tags": ["third-party-advisory", "x_refsource_CERT", "x_transferred"], "url": "http://www.us-cert.gov/cas/techalerts/TA10-013A.html"}]}, {"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2009-4324", "role": "CISA Coordinator", "options": [{"Exploitation": "active"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-02-04T21:42:23.751240Z"}}}, {"other": {"type": "kev", "content": {"dateAdded": "2022-06-08", "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2009-4324"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-416", "description": "CWE-416 Use After Free"}]}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-02-04T21:45:19.338Z"}}]}, "cveMetadata": {"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2009-4324", "datePublished": "2009-12-15T02:00:00.000Z", "dateReserved": "2009-12-14T00:00:00.000Z", "dateUpdated": "2025-02-04T21:45:19.338Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "http://www.securityfocus.com/bid/37331", "name": "37331", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"]}, {"url": "http://blogs.adobe.com/psirt/2009/12/new_adobe_reader_and_acrobat_v.html", "tags": ["x_refsource_MISC", "x_transferred"]}, {"url": "http://secunia.com/advisories/37690", "name": "37690", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"]}, {"url": "http://secunia.com/advisories/38138", "name": "38138", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"]}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=547799", "tags": ["x_refsource_CONFIRM", "x_transferred"]}, {"url": "http://osvdb.org/60980", "name": "60980", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"]}, {"url": "http://www.kb.cert.org/vuls/id/508357", "name": "VU#508357", "tags": ["third-party-advisory", "x_refsource_CERT-VN", "x_transferred"]}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54747", "name": "acro-reader-unspecifed-code-execution(54747)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"]}, {"url": "http://www.vupen.com/english/advisories/2009/3518", "name": "ADV-2009-3518", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"]}, {"url": "http://www.metasploit.com/redmine/projects/framework/repository/revisions/7881/entry/modules/exploits/windows/fileformat/adobe_media_newplayer.rb", "tags": ["x_refsource_MISC", "x_transferred"]}, {"url": "http://www.adobe.com/support/security/bulletins/apsb10-02.html", "tags": ["x_refsource_CONFIRM", "x_transferred"]}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6795", "name": "oval:org.mitre.oval:def:6795", "tags": ["vdb-entry", "signature", "x_refsource_OVAL", "x_transferred"]}, {"url": "http://www.redhat.com/support/errata/RHSA-2010-0060.html", "name": "RHSA-2010:0060", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"]}, {"url": "http://contagiodump.blogspot.com/2009/12/virustotal-httpwww.html", "tags": ["x_refsource_MISC", "x_transferred"]}, {"url": "http://www.vupen.com/english/advisories/2010/0103", "name": "ADV-2010-0103", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"]}, {"url": "http://www.adobe.com/support/security/advisories/apsa09-07.html", "tags": ["x_refsource_CONFIRM", "x_transferred"]}, {"url": "http://www.symantec.com/connect/blogs/zero-day-xmas-present", "tags": ["x_refsource_MISC", "x_transferred"]}, {"url": "http://www.shadowserver.org/wiki/pmwiki.php/Calendar/20091214", "tags": ["x_refsource_MISC", "x_transferred"]}, {"url": "http://secunia.com/advisories/38215", "name": "38215", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"]}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00009.html", "name": "SUSE-SA:2010:008", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"]}, {"url": "http://www.us-cert.gov/cas/techalerts/TA10-013A.html", "name": "TA10-013A", "tags": ["third-party-advisory", "x_refsource_CERT", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T07:01:20.249Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2009-4324", "role": "CISA Coordinator", "options": [{"Exploitation": "active"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-02-04T21:42:23.751240Z"}}}, {"other": {"type": "kev", "content": {"dateAdded": "2022-06-08", "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2009-4324"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-416", "description": "CWE-416 Use After Free"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-02-04T21:42:30.566Z"}}], "cna": {"affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2009-12-14T00:00:00.000Z", "references": [{"url": "http://www.securityfocus.com/bid/37331", "name": "37331", "tags": ["vdb-entry", "x_refsource_BID"]}, {"url": "http://blogs.adobe.com/psirt/2009/12/new_adobe_reader_and_acrobat_v.html", "tags": ["x_refsource_MISC"]}, {"url": "http://secunia.com/advisories/37690", "name": "37690", "tags": ["third-party-advisory", "x_refsource_SECUNIA"]}, {"url": "http://secunia.com/advisories/38138", "name": "38138", "tags": ["third-party-advisory", "x_refsource_SECUNIA"]}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=547799", "tags": ["x_refsource_CONFIRM"]}, {"url": "http://osvdb.org/60980", "name": "60980", "tags": ["vdb-entry", "x_refsource_OSVDB"]}, {"url": "http://www.kb.cert.org/vuls/id/508357", "name": "VU#508357", "tags": ["third-party-advisory", "x_refsource_CERT-VN"]}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54747", "name": "acro-reader-unspecifed-code-execution(54747)", "tags": ["vdb-entry", "x_refsource_XF"]}, {"url": "http://www.vupen.com/english/advisories/2009/3518", "name": "ADV-2009-3518", "tags": ["vdb-entry", "x_refsource_VUPEN"]}, {"url": "http://www.metasploit.com/redmine/projects/framework/repository/revisions/7881/entry/modules/exploits/windows/fileformat/adobe_media_newplayer.rb", "tags": ["x_refsource_MISC"]}, {"url": "http://www.adobe.com/support/security/bulletins/apsb10-02.html", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6795", "name": "oval:org.mitre.oval:def:6795", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"]}, {"url": "http://www.redhat.com/support/errata/RHSA-2010-0060.html", "name": "RHSA-2010:0060", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "http://contagiodump.blogspot.com/2009/12/virustotal-httpwww.html", "tags": ["x_refsource_MISC"]}, {"url": "http://www.vupen.com/english/advisories/2010/0103", "name": "ADV-2010-0103", "tags": ["vdb-entry", "x_refsource_VUPEN"]}, {"url": "http://www.adobe.com/support/security/advisories/apsa09-07.html", "tags": ["x_refsource_CONFIRM"]}, {"url": "http://www.symantec.com/connect/blogs/zero-day-xmas-present", "tags": ["x_refsource_MISC"]}, {"url": "http://www.shadowserver.org/wiki/pmwiki.php/Calendar/20091214", "tags": ["x_refsource_MISC"]}, {"url": "http://secunia.com/advisories/38215", "name": "38215", "tags": ["third-party-advisory", "x_refsource_SECUNIA"]}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00009.html", "name": "SUSE-SA:2010:008", "tags": ["vendor-advisory", "x_refsource_SUSE"]}, {"url": "http://www.us-cert.gov/cas/techalerts/TA10-013A.html", "name": "TA10-013A", "tags": ["third-party-advisory", "x_refsource_CERT"]}], "descriptions": [{"lang": "en", "value": "Use-after-free vulnerability in the Doc.media.newPlayer method in Multimedia.api in Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code via a crafted PDF file using ZLib compressed streams, as exploited in the wild in December 2009."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "n/a"}]}], "providerMetadata": {"orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe", "dateUpdated": "2017-09-18T12:57:01.000Z"}, "x_legacyV4Record": {"affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "n/a"}]}, "product_name": "n/a"}]}, "vendor_name": "n/a"}]}}, "data_type": "CVE", "references": {"reference_data": [{"url": "http://www.securityfocus.com/bid/37331", "name": "37331", "refsource": "BID"}, {"url": "http://blogs.adobe.com/psirt/2009/12/new_adobe_reader_and_acrobat_v.html", "name": "http://blogs.adobe.com/psirt/2009/12/new_adobe_reader_and_acrobat_v.html", "refsource": "MISC"}, {"url": "http://secunia.com/advisories/37690", "name": "37690", "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/38138", "name": "38138", "refsource": "SECUNIA"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=547799", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=547799", "refsource": "CONFIRM"}, {"url": "http://osvdb.org/60980", "name": "60980", "refsource": "OSVDB"}, {"url": "http://www.kb.cert.org/vuls/id/508357", "name": "VU#508357", "refsource": "CERT-VN"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54747", "name": "acro-reader-unspecifed-code-execution(54747)", "refsource": "XF"}, {"url": "http://www.vupen.com/english/advisories/2009/3518", "name": "ADV-2009-3518", "refsource": "VUPEN"}, {"url": "http://www.metasploit.com/redmine/projects/framework/repository/revisions/7881/entry/modules/exploits/windows/fileformat/adobe_media_newplayer.rb", "name": "http://www.metasploit.com/redmine/projects/framework/repository/revisions/7881/entry/modules/exploits/windows/fileformat/adobe_media_newplayer.rb", "refsource": "MISC"}, {"url": "http://www.adobe.com/support/security/bulletins/apsb10-02.html", "name": "http://www.adobe.com/support/security/bulletins/apsb10-02.html", "refsource": "CONFIRM"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6795", "name": "oval:org.mitre.oval:def:6795", "refsource": "OVAL"}, {"url": "http://www.redhat.com/support/errata/RHSA-2010-0060.html", "name": "RHSA-2010:0060", "refsource": "REDHAT"}, {"url": "http://contagiodump.blogspot.com/2009/12/virustotal-httpwww.html", "name": "http://contagiodump.blogspot.com/2009/12/virustotal-httpwww.html", "refsource": "MISC"}, {"url": "http://www.vupen.com/english/advisories/2010/0103", "name": "ADV-2010-0103", "refsource": "VUPEN"}, {"url": "http://www.adobe.com/support/security/advisories/apsa09-07.html", "name": "http://www.adobe.com/support/security/advisories/apsa09-07.html", "refsource": "CONFIRM"}, {"url": "http://www.symantec.com/connect/blogs/zero-day-xmas-present", "name": "http://www.symantec.com/connect/blogs/zero-day-xmas-present", "refsource": "MISC"}, {"url": "http://www.shadowserver.org/wiki/pmwiki.php/Calendar/20091214", "name": "http://www.shadowserver.org/wiki/pmwiki.php/Calendar/20091214", "refsource": "MISC"}, {"url": "http://secunia.com/advisories/38215", "name": "38215", "refsource": "SECUNIA"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00009.html", "name": "SUSE-SA:2010:008", "refsource": "SUSE"}, {"url": "http://www.us-cert.gov/cas/techalerts/TA10-013A.html", "name": "TA10-013A", "refsource": "CERT"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "eng", "value": "Use-after-free vulnerability in the Doc.media.newPlayer method in Multimedia.api in Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code via a crafted PDF file using ZLib compressed streams, as exploited in the wild in December 2009."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2009-4324", "STATE": "PUBLIC", "ASSIGNER": "psirt@adobe.com"}}}}, "cveMetadata": {"cveId": "CVE-2009-4324", "state": "PUBLISHED", "dateUpdated": "2025-02-04T21:45:19.338Z", "dateReserved": "2009-12-14T00:00:00.000Z", "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "datePublished": "2009-12-15T02:00:00.000Z", "assignerShortName": "adobe"}, "dataVersion": "5.1"}

{"cisaActionDue": "2022-06-22", "cisaExploitAdd": "2022-06-08", "cisaRequiredAction": "Apply updates per vendor instructions.", "cisaVulnerabilityName": "Adobe Acrobat and Reader Use-After-Free Vulnerability", "configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*", "matchCriteriaId": "9670133C-09FA-41F2-B0F7-BFE960E30B71", "versionEndExcluding": "8.2", "versionStartIncluding": "8.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*", "matchCriteriaId": "EA95CC75-BF25-4BEB-B646-ACDBBE32AF4F", "versionEndExcluding": "9.3", "versionStartIncluding": "9.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*", "matchCriteriaId": "3A8B3441-727A-4A78-A5A4-5A5011075510", "versionEndExcluding": "8.2", "versionStartIncluding": "8.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*", "matchCriteriaId": "AADB6D5C-5448-4FF7-BB7B-3641EA56194E", "versionEndExcluding": "9.3", "versionStartIncluding": "9.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false}, {"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:suse:linux_enterprise_debuginfo:11:-:*:*:*:*:*:*", "matchCriteriaId": "C76D0C17-2AFF-4209-BBCD-36166DF7F974", "vulnerable": true}, {"criteria": "cpe:2.3:o:opensuse:opensuse:11.1:*:*:*:*:*:*:*", "matchCriteriaId": "FBF7B6A8-3DF9-46EC-A90E-6EF68C39F883", "vulnerable": true}, {"criteria": "cpe:2.3:o:opensuse:opensuse:11.2:*:*:*:*:*:*:*", "matchCriteriaId": "A01C8B7E-EB19-40EA-B1D2-9AE5EA536C95", "vulnerable": true}, {"criteria": "cpe:2.3:o:suse:linux_enterprise:10.0:sp2:*:*:*:*:*:*", "matchCriteriaId": "6A3B50EE-F432-40BE-B422-698955A6058D", "vulnerable": true}, {"criteria": "cpe:2.3:o:suse:linux_enterprise:10.0:sp3:*:*:*:*:*:*", "matchCriteriaId": "1193A7E6-DCB4-4E79-A509-1D6948153A57", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Use-after-free vulnerability in the Doc.media.newPlayer method in Multimedia.api in Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code via a crafted PDF file using ZLib compressed streams, as exploited in the wild in December 2009."}, {"lang": "es", "value": "La vulnerabilidad de uso de la memoria previamente liberada (Use-after-free) en la funci\u00f3n Doc.media.newPlayer en el archivo Multimedia.api en Adobe Reader y Acrobat versi\u00f3n 9.x anterior a 9.3, y versi\u00f3n 8.x anterior a 8.2 en Windows y Mac OS X, permite a los atacantes remotos ejecutar c\u00f3digo arbitrario por medio de un archivo PDF creado utilizando una transmisi\u00f3n comprimida ZLib, tal como se explot\u00f3 \u201cin the wild\u201d en diciembre de 2009."}], "id": "CVE-2009-4324", "lastModified": "2025-04-09T00:30:58.490", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2009-12-15T02:30:00.217", "references": [{"source": "psirt@adobe.com", "tags": ["Broken Link", "Vendor Advisory"], "url": "http://blogs.adobe.com/psirt/2009/12/new_adobe_reader_and_acrobat_v.html"}, {"source": "psirt@adobe.com", "tags": ["Exploit", "Third Party Advisory"], "url": "http://contagiodump.blogspot.com/2009/12/virustotal-httpwww.html"}, {"source": "psirt@adobe.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00009.html"}, {"source": "psirt@adobe.com", "tags": ["Broken Link"], "url": "http://osvdb.org/60980"}, {"source": "psirt@adobe.com", "tags": ["Broken Link", "Vendor Advisory"], "url": "http://secunia.com/advisories/37690"}, {"source": "psirt@adobe.com", "tags": ["Broken Link", "Vendor Advisory"], "url": "http://secunia.com/advisories/38138"}, {"source": "psirt@adobe.com", "tags": ["Broken Link", "Vendor Advisory"], "url": "http://secunia.com/advisories/38215"}, {"source": "psirt@adobe.com", "tags": ["Vendor Advisory"], "url": "http://www.adobe.com/support/security/advisories/apsa09-07.html"}, {"source": "psirt@adobe.com", "tags": ["Not Applicable"], "url": "http://www.adobe.com/support/security/bulletins/apsb10-02.html"}, {"source": "psirt@adobe.com", "tags": ["Third Party Advisory", "US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/508357"}, {"source": "psirt@adobe.com", "tags": ["Broken Link"], "url": "http://www.metasploit.com/redmine/projects/framework/repository/revisions/7881/entry/modules/exploits/windows/fileformat/adobe_media_newplayer.rb"}, {"source": "psirt@adobe.com", "tags": ["Broken Link"], "url": "http://www.redhat.com/support/errata/RHSA-2010-0060.html"}, {"source": "psirt@adobe.com", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/37331"}, {"source": "psirt@adobe.com", "tags": ["Broken Link"], "url": "http://www.shadowserver.org/wiki/pmwiki.php/Calendar/20091214"}, {"source": "psirt@adobe.com", "tags": ["Broken Link"], "url": "http://www.symantec.com/connect/blogs/zero-day-xmas-present"}, {"source": "psirt@adobe.com", "tags": ["Third Party Advisory", "US Government Resource"], "url": "http://www.us-cert.gov/cas/techalerts/TA10-013A.html"}, {"source": "psirt@adobe.com", "tags": ["Broken Link", "Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2009/3518"}, {"source": "psirt@adobe.com", "tags": ["Broken Link"], "url": "http://www.vupen.com/english/advisories/2010/0103"}, {"source": "psirt@adobe.com", "tags": ["Issue Tracking"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=547799"}, {"source": "psirt@adobe.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54747"}, {"source": "psirt@adobe.com", "tags": ["Broken Link"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6795"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link", "Vendor Advisory"], "url": "http://blogs.adobe.com/psirt/2009/12/new_adobe_reader_and_acrobat_v.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory"], "url": "http://contagiodump.blogspot.com/2009/12/virustotal-httpwww.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00009.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "http://osvdb.org/60980"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link", "Vendor Advisory"], "url": "http://secunia.com/advisories/37690"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link", "Vendor Advisory"], "url": "http://secunia.com/advisories/38138"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link", "Vendor Advisory"], "url": "http://secunia.com/advisories/38215"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.adobe.com/support/security/advisories/apsa09-07.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Not Applicable"], "url": "http://www.adobe.com/support/security/bulletins/apsb10-02.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/508357"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "http://www.metasploit.com/redmine/projects/framework/repository/revisions/7881/entry/modules/exploits/windows/fileformat/adobe_media_newplayer.rb"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "http://www.redhat.com/support/errata/RHSA-2010-0060.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/37331"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "http://www.shadowserver.org/wiki/pmwiki.php/Calendar/20091214"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "http://www.symantec.com/connect/blogs/zero-day-xmas-present"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "US Government Resource"], "url": "http://www.us-cert.gov/cas/techalerts/TA10-013A.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link", "Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2009/3518"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "http://www.vupen.com/english/advisories/2010/0103"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=547799"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54747"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6795"}], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-416"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-416"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{"affected_release": [{"advisory": "RHSA-2010:0060", "cpe": "cpe:/a:redhat:rhel_extras:3", "package": "acroread-0:9.3-3", "product_name": "Extras for RHEL 3", "release_date": "2010-01-20T00:00:00Z"}, {"advisory": "RHSA-2010:0038", "cpe": "cpe:/a:redhat:rhel_extras:4", "package": "acroread-0:9.3-1.el4", "product_name": "Extras for RHEL 4", "release_date": "2010-01-13T00:00:00Z"}, {"advisory": "RHSA-2010:0037", "cpe": "cpe:/a:redhat:rhel_extras:5", "package": "acroread-0:9.3-1.el5", "product_name": "Supplementary for Red Hat Enterprise Linux 5", "release_date": "2010-01-13T00:00:00Z"}], "bugzilla": {"description": "acroread: media.newplayer JavaScript API code execution vulnerability (APSB10-02)", "id": "547799", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=547799"}, "csaw": false, "cvss": {"cvss_base_score": "6.8", "cvss_scoring_vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "status": "verified"}, "details": ["Use-after-free vulnerability in the Doc.media.newPlayer method in Multimedia.api in Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code via a crafted PDF file using ZLib compressed streams, as exploited in the wild in December 2009."], "name": "CVE-2009-4324", "public_date": "2009-12-14T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2009-4324\nhttps://nvd.nist.gov/vuln/detail/CVE-2009-4324\nhttps://www.cisa.gov/known-exploited-vulnerabilities-catalog"], "threat_severity": "Critical"}

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

Exploitation active

Automatable no

Technical Impact total

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object