 |
 Adobe Reader PDF Document Metadata XML Bomb Denial of Service Vulnerability (APSB09-15)
Industry Reference:CVE-2009-2979.
A denial of service vulnerability has been discovered in Adobe Reader and Acrobat. A remote attacker can exploit this vulnerability to execute arbitrary code on an affected system via a specially crafted PDF file. Portable Document Format (PDF) is an open file format created by Adobe Systems. It is used for representing two-dimensional documents in a device and resolution independent fixed-layout document format. Successful exploitation of this issue will cause the application to become non-responsive. This protection will detect and block attempts to transfer malformed PDF files over HTTP.
IPS-1 & IPS-1 NGX R65: A new protection is now available.
Security Gateway R70: A new protection is now available.
CPAI-2009-236.
Adobe Reader Compact Font Format Index Memory Corruption Vulnerability (APSB09-15)Industry Reference:CVE-2009-2985.
A memory corruption vulnerability has been discovered in Adobe Reader and Acrobat. A remote attacker can exploit this vulnerability to execute arbitrary code on an affected system via a specially crafted PDF file. Portable Document Format (PDF) is an open file format created by Adobe Systems. It is used for representing two-dimensional documents in a device and resolution independent fixed-layout document format. Successful exploitation of this issue will cause the application to become non-responsive, and may allow execution of arbitrary code on an affected system. This protection will detect and block attempts to transfer malformed PDF files over HTTP.
Security Gateway R70: A new protection is now available.
CPAI-2009-238.
Adobe Reader Decode Object Integer Overflow Vulnerability (APSB09-15)Industry Reference:CVE-2009-2980.
An integer overflow vulnerability has been discovered in Adobe Reader and Acrobat. A remote attacker can exploit this vulnerability to execute arbitrary code on an affected system via a specially crafted PDF file. Portable Document Format (PDF) is an open file format created by Adobe Systems. It is used for representing two-dimensional documents in a device and resolution independent fixed-layout document format. Successful exploitation of this issue will cause the application to become non-responsive. This protection will detect and block attempts to transfer malformed PDF files over HTTP.
IPS-1 & IPS-1 NGX R65: A new protection is now available.
Security Gateway R70: A new protection is now available.
CPAI-2009-240.
Adobe Reader JavaScript Collab.removeStateModel Function Denial of Service Vulnerability (APSB09-15)Industry Reference:CVE-2009-2988.
A denial of service vulnerability has been discovered in Adobe Reader and Acrobat. A remote attacker can exploit this vulnerability to execute arbitrary code on an affected system via a specially crafted PDF file. Portable Document Format (PDF) is an open file format created by Adobe Systems. It is used for representing two-dimensional documents in a device and resolution independent fixed-layout document format. Successful exploitation of this issue will cause the application to become non-responsive. This protection will detect and block attempts to transfer malformed PDF files over HTTP.
Security Gateway R70: A new protection is now available.
CPAI-2009-242.
Adobe Reader JavaScript Collab.addStateModel Function Memory Corruption Vulnerability (APSB09-15)Industry Reference:CVE-2009-2996.
A memory corruption vulnerability has been discovered in Adobe Reader and Acrobat. A remote attacker can exploit this vulnerability to execute arbitrary code on an affected system via a specially crafted PDF file. Portable Document Format (PDF) is an open file format created by Adobe Systems. It is used for representing two-dimensional documents in a device and resolution independent fixed-layout document format. Successful exploitation of this issue will cause the application to become non-responsive. This protection will detect and block attempts to transfer malformed PDF files over HTTP.
Security Gateway R70: A new protection is now available.
CPAI-2009-244.
Adobe Reader DOC.Export Methods Arbitrary File Creation Vulnerability (APSB09-15)Industry Reference:CVE-2009-2993.
A vulnerability has been discovered in Adobe Reader. A remote attacker can exploit this vulnerability to execute arbitrary code on an affected system via a specially crafted PDF file. Portable Document Format (PDF) is an open file format created by Adobe Systems. It is used for representing two-dimensional documents in a device and resolution independent fixed-layout document format. Successful exploitation of this issue will allow the attacker to create arbitrary files and folders on a targeted file system. This protection will detect and block attempts to transfer malformed PDF files over HTTP.
Security Gateway R70: A new protection is now available.
CPAI-2009-246.
Adobe Reader AcroPDF ActiveX Control Remote Denial of Service Vulnerability (APSB09-15)Industry References:CVE-2009-2987, CVE-2009-2992.
A denial of service vulnerability has been discovered in Adobe Reader and Acrobat. A remote attacker can exploit this vulnerability by convincing a user to visit a specially crafted Web page. Successful exploitation of this issue will cause the application to become non-responsive. This protection will detect and block the vulnerable ActiveX control.
Security Gateway R70: A new protection is now available.
CPAI-2009-248.
Adobe Reader JPEG2000 Quantization Component Buffer Overflow Vulnerability (APSB09-15)Industry Reference:CVE-2009-2994.
A buffer overflow vulnerability has been discovered in Adobe Reader and Acrobat. A remote attacker can exploit this vulnerability to execute arbitrary code on an affected system via a specially crafted PDF file. Portable Document Format (PDF) is an open file format created by Adobe Systems. It is used for representing two-dimensional documents in a device and resolution independent fixed-layout document format. Successful exploitation of this issue will cause the application to become non-responsive, and may allow execution of arbitrary code on an affected system. This protection will detect and block attempts to transfer malformed PDF files over HTTP.
Security Gateway R70: A new protection is now available.
CPAI-2009-250.
TIFF Image Improper Dimensions VulnerabilityIndustry Reference:CVE-2009-2995.
A denial of service vulnerability has been discovered in Adobe Acrobat. A remote attacker may trigger this issue via a specially crafted TIFF file. Tagged Image File Format (TIFF) is a container format for storing images, including photographs and line art. Successful exploitation of this issue will cause the application to become non-responsive. This protection will detect and block attempts to transfer malformed TIFF files over HTTP.
IPS-1 & IPS-1 NGX R65: A new protection is now available.
Security Gateway R70: A new protection is now available.
CPAI-2009-252.
BMP Image Improper Dimensions VulnerabilityIndustry Reference:CVE-2009-2989.
A buffer oveflow vulnerability has been discovered in Adobe Reader and Acrobat. A remote attacker may trigger this issue via a specially crafted BMP file. BMP is an image file format used to store bitmap digital images. A remote attacker could exploit this issue via a malformed BMP file. Successful exploitation of this vulnerability may allow execution of arbitrary code on a target system. This protection will detect and block attempts to transfer malformed BMP files over HTTP.
IPS-1 & IPS-1 NGX R65: A new protection is now available.
Security Gateway R70: A new protection is now available.
CPAI-2009-254.
PNG Image Invalid sPLT Chunk VulnerabilityIndustry Reference:CVE-2009-2984.
A denial of service vulnerability has been discovered in Adobe Acrobat. A remote attacker may trigger this issue via a specially crafted PNG file. The Portable Network Graphics (PNG) specification is an image format used as an alternative to other image formats such as the GIF and TIFF formats. Successful exploitation of this issue will cause the application to become non-responsive. This protection will detect and block attempts to transfer malformed PNG files over HTTP.
Security Gateway R70: A new protection is now available.
CPAI-2009-256.
Adobe Reader U3D File Invalid Array Index Remote Code Execution Vulnerability (APSB09-15)Industry Reference:CVE-2009-2990.
A remote code execution vulnerability has been discovered in Adobe Reader and Acrobat. A remote attacker can exploit this vulnerability to execute arbitrary code on an affected system via a specially crafted PDF file. Portable Document Format (PDF) is an open file format created by Adobe Systems. It is used for representing two-dimensional documents in a device and resolution independent fixed-layout document format. Successful exploitation of this issue will cause the application to become non-responsive, and may allow execution of arbitrary code on an affected system. This protection will detect and block attempts to transfer malformed PDF files over HTTP.
Security Gateway R70: A new protection is now available.
CPAI-2009-258.
Adobe Reader and Acrobat Mozilla plug-in Remote Code Execution Vulnerability (APSB09-15)Industry Reference:CVE-2009-2991.
A remote code execution vulnerability has been discovered in Adobe Reader and Acrobat. A remote attacker could implant a shell code on a target system using heap spray exploitation method. Heap spraying is a technique for exploiting vulnerabilities in internet browsers (e.g. Internet Explorer, Firefox). This protection will detect and block a large number of known shell code exploits.
Security Gateway R70: Preemptive protection is provided by this product.
VPN-1 NGX R65 & VSX NGX R65: Preemptive protection is provided by this product.
CPAI-2009-260.
|
October 14, 2009
 |
You have received this notification because you have subscribed to the SmartDefense mailing list. If you would prefer to no longer receive security alerts and defense notifications please click to Unsubscribe
As always, please feel free to contact us directly if you have any comments or questions.
Read Check Point's Privacy Policy
©2003.2009 Check Point Software Technologies Ltd. (Nasdaq: CHKP) All rights reserved.
800 Bridge Parkway, Redwood City, CA USA 94065 |
|