Home Page | Skip to Navigation | Skip to Content | Skip to Search | Skip to Footer

Adobe Reader and Acrobat Doc.media.newPlayer Memory Corruption Vulnerability

(Adobe Security Bulletin - APSA09-07, CVE-2009-4324 )

A memory corruption vulnerability has been reported in the popular Adobe Reader and Acrobat. A remote attacker can exploit this vulnerability to execute arbitrary code on an affected system.

The vulnerability is due to an error in the implementation of the Doc.media.newPlayer JavaScript method in Adobe Reader and Acrobat. A remote attacker could trigger this flaw via a specially crafted PDF file containing the vulnerable JavaScript method. Successful exploitation allows execution of arbitrary code once a malicious PDF file is loaded on a vulnerable system.

Check Point provides pre-emptive protection against exploits that use this vulnerability through it integrated IPS offerings. Check Point SmartDefense and Check Point IPS Software Blade detect and block any attempt to transfer PDF files that contain embedded JavaScript over HTTP. No update is required to address this vulnerability. For more information, see CPAI-2009-295.