OSVDB ID: 52073

Title: Adobe Reader / Acrobat Document Handling JBIG2 Compression Overflow

Info

Disclosure

Feb 20, 2009

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Unknown

Description

A buffer overflow exists in Acrobat and Acrobat Reader. They fail to validate PDF files which use JBIG2 compression routines resulting in a buffer overflow. With a specially crafted file, a context-dependent attacker can cause arbitrary code execution resulting in a loss of integrity.

Classification

Location: Local / Remote, Context Dependent
Attack Type: Input Manipulation
Impact: Loss of Integrity
Solution: Third-Party Solution
Exploit: Exploit Public, Exploit Commercial, Virus / Malware
Disclosure: Vendor Verified, Uncoordinated Disclosure, Discovered in the Wild

Solution

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Products

Adobe Systems Incorporated

Acrobat

9.0

Acrobat Reader

9.0

References

Credit

Unknown or Incomplete



Direct URL: http://osvdb.org/52073