Status Tracking Note JVNTR-2009-15

Adobe Acrobat and Reader Vulnerabilities (TA09-161A)

Overview

Adobe has released Security Bulletin APSB09-07, which describes several buffer overflow vulnerabilities that could allow a remote attacker to execute arbitrary code.

Event Information

Date (UTC)    Description
2009-06-11 18:21 FortiGuard
FGA-2009-25: Acrobat TrueType Font Processing Memory Corruption Vulnerability
TrueType Font Processing Memory Corruption Vulnerability (CVE-2009-1857)
Vulnerability Disclosure
2009-06-10 16:02 US-CERT
TA09-161A: Adobe Acrobat and Reader Vulnerabilities
Via US-CERT Mailing List
2009-06-10 13:15 US-CERT
Adobe Releases Security Updates for Adobe Reader and Acrobat
US-CERT Current Activity
Adobe has released security updates to address multiple vulnerabilities that affect versions of Reader and Acrobat up to and including Reader 9.1.1 and Acrobat 9.1.1. These vulnerabilities may allow an attacker to execute arbitrary code or cause a denial-of-service condition.
2009-06-09 22:52 SANS Internet Storm Center
Adobe June Black Tuesday upgrades (Version: 2)
Adobe will add to the workload by releasing their patches on a quarterly schedule to coincide with the Microsoft monthly scheme.
2009-06-09 14:09 Adobe
Security Bulletin - Adobe Reader and Acrobat
Adobe Product Security Incident Response Team (PSIRT)
Today we posted a Security Bulletin and provided Adobe Reader and Acrobat patches to our Product Update area. This is the first quarterly security update for Adobe Reader and Acrobat as described in our May 20 blog post, and incorporates the initial output of code hardening efforts. Today's updates also address externally reported issues, as detailed in our Security Bulletin. Adobe is not currently aware of any exploits in the wild for these issues.
2009-06-09 Adobe
apsb09-07: Security Updates available for Adobe Reader and Acrobat
Adobe recommends users of Adobe Reader 9 and Acrobat 9 and earlier versions update to Adobe Reader 9.1.2 and Acrobat 9.1.2. Adobe recommends users of Acrobat 8 update to Acrobat 8.1.6, and users of Acrobat 7 update to Acrobat 7.1.3. For Adobe Reader users who can't update to Adobe Reader 9.1.2, Adobe has provided the Adobe Reader 8.1.6 and Adobe Reader 7.1.3 updates. Updates apply to Windows and Macintosh.
2009-05-07 VUPEN Security
VUPEN-SR-2009-04: Adobe Acrobat and Reader JBIG2 Filter Heap Overflow Vulnerability
JBIG2 Filter Heap Overflow Vulnerability (CVE-2009-0509)
Vulnerability Reported
This vulnerability is caused by an integer overflow error within the JBIG2 filter when processing certain data streams within a PDF file, which could allow attackers to cause a heap overflow and execute arbitrary code by tricking a user into opening a specially crafted document.
2009-04-14 Secunia Research
2009-24: Adobe Reader JBIG2 Text Region Segment Buffer Overflow
JBIG2 Text Region Segment Buffer Overflow (CVE-2009-0198)
Vulnerability Reported
2009-02-25 iDefense
Adobe Reader and Acrobat FlateDecode Integer Overflow Vulnerability
FlateDecode Integer Overflow Vulnerability (CVE-2009-1856)
Vulnerability Reported
The vulnerability occurs when parsing a FlateDecode filter inside a PDF file. FlateDecode is a filter for data compressed with zlib deflate compression method. Several parameters can be specified for the FlateDecode filter.
2009-02-24 Zero Day Initiative (ZDI)
ZDI-09-042: Adobe Reader U3D RHAdobeMeta Stack Overflow Vulnerability
U3D RHAdobeMeta Stack Overflow Vulnerability (CVE-2009-1855)
Vulnerability Reported
The specific flaw exists when parsing malformed U3D model files contained in a PDF. When a specially crafted extension block of a model is processed, insufficient bounds checking is done before a call to wcsncpy(). Because of this a stack overflow can occur resulting in reliable code execution. Proper exploitation of this vulnerability will result in system compromise under the credentials of the currently logged in user.

Reference

Date first published (UTC): 2009-06-10T23:49+00:00
Date last updated (UTC): 2009-06-14T02:47+00:00