NVD

Id
51447  
Name
CVE-2009-4324  
Description
Use-after-free vulnerability in the Doc.media.newPlayer method in Multimedia.api in Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code via a crafted PDF file using ZLib compressed streams, as exploited in the wild in December 2009.  
Reject
 
CVSS Version
2  
CVSS Score
9.3  
Severity
High  
CVSS Base Score
9.3  
CVSS Impact Subscore
10  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:C/I:C/A:C)  
Pub Date
2017-01-07  
Published
2009-12-14  
Modified Date
2010-08-21  
Seq
2009-4324  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
260963 51447 CVE-2009-4324 http://blogs.adobe.com/psirt/2009/12/new_adobe_reader_and_acrobat_v.html  View
260964 51447 CVE-2009-4324 http://contagiodump.blogspot.com/2009/12/virustotal-httpwww.html  View
260965 51447 CVE-2009-4324 SUSE-SA:2010:008  View
260966 51447 CVE-2009-4324 oval:org.mitre.oval:def:6795  View
260967 51447 CVE-2009-4324 http://www.adobe.com/support/security/advisories/apsa09-07.html  View
260968 51447 CVE-2009-4324 http://www.adobe.com/support/security/bulletins/apsb10-02.html  View
260969 51447 CVE-2009-4324 VU#508357  View
260970 51447 CVE-2009-4324 http://www.metasploit.com/redmine/projects/framework/repository/revisions/7881/entry/modules/exploits/windows/fileformat/adobe_media_newplayer.rb  View
260971 51447 CVE-2009-4324 RHSA-2010:0060  View
260972 51447 CVE-2009-4324 37331  View
260973 51447 CVE-2009-4324 http://www.shadowserver.org/wiki/pmwiki.php/Calendar/20091214  View
260974 51447 CVE-2009-4324 http://www.symantec.com/connect/blogs/zero-day-xmas-present  View
260975 51447 CVE-2009-4324 TA10-013A  View
260976 51447 CVE-2009-4324 ADV-2009-3518  View
260977 51447 CVE-2009-4324 ADV-2010-0103  View
260978 51447 CVE-2009-4324 acro-reader-unspecifed-code-execution(54747)  View
260979 51447 CVE-2009-4324 https://bugzilla.redhat.com/show_bug.cgi?id=547799  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
41444 JVNDB-2009-002451 Adobe Reader および Acrobat における解放済みメモリを使用する脆弱性 Adobe Reader および Acrobat の Doc.media.newPlayer メソッドには、解放済みメモリを使用する (use-after-free) 脆弱性が存在します。 CVE-2009-4324 41755 CVE-2009-4324 51447 9.3 http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002451.html 2009-12-16 2010-01-27 View