CVE-2009-1861

Common Vulnerabilities and Exposures

CVE-2009-1861 at MITRE

Details

Multiple heap-based buffer overflows in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Reader 9 and Acrobat 9 before 9.1.2 might allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF file with a JPX (aka JPEG2000) stream that triggers heap memory corruption.

Novell Bugzilla entry: 511566,550012

SUSE Security Advisories:

SUSE-SA:2009:035 , published Wed, 01 Jul 2009 17:00:00 +0000
SUSE-SR:2009:012 , published Fri, 03 Jul 2009 16:00:00 +0000
SUSE-SR:2009:014 , published Tue, 01 Sep 2009 07:00:00 +0000

Product(s)	Fixed package version(s)	References
SUSE Linux Enterprise Desktop 10 SP2 for AMD64 and Intel EM64T SUSE Linux Enterprise Desktop 10 SP2 for x86	`acroread >= 8.1.6-0.3`	sled10-sp2. x86 sled10-sp2. x86-64 ZYPP Patch Nr: 6331
openSUSE 10.3 openSUSE 11.0	`acroread >= 8.1.6-0.1`	ZYPP Patch Nr: 6332 SAT Patch Nr: 1060
openSUSE 11.1	`acroread >= 8.1.6-0.1.1`	ZYPP Patch Nr: 6332 SAT Patch Nr: 1060
SUSE Linux Enterprise Desktop 10 SP2 for AMD64 and Intel EM64T SUSE Linux Enterprise Desktop 10 SP2 for x86	`acroread_ja >= 8.1.6-0.4`	sled10-sp2. x86 sled10-sp2. x86-64 ZYPP Patch Nr: 6398
SLES 11 DEBUGINFO	`acroread-debuginfo >= 8.1.6-0.1.1`	sle11-debuginfo. x86 sle11-debuginfo. x86-64 sle11-debuginfo. x86 sle11-debuginfo. x86-64 SAT Patch Nr: 1059
SLED 11	`acroread >= 8.1.6-0.1.1`	sle11-debuginfo. x86 sle11-debuginfo. x86-64 sle11-debuginfo. x86 sle11-debuginfo. x86-64 SAT Patch Nr: 1059
SLED 11	`acroread_ja >= 8.1.6-0.1.1`	sle11. x86 sle11. x86-64 SAT Patch Nr: 1170