Adobe.Reader.Acrobat.JBIG2.Stream.Index

Name	Adobe.Reader.Acrobat.JBIG2.Stream.Index.Code.Execution
Last Updated Date	Mar 12, 2009
Release Date	Feb 26, 2009
Severity	Critical
Impact	System Compromise: Remote attackers can gain control of vulnerable systems.
Description	This indicates an attempt to exploit a memory-corruption vulnerability in the Adobe PDF reader JavaScript engine. By passing crafted JBIG2 Image Stream, an attacker can execute arbitrary code on a vulnerable computer. To exploit this the attacker must trick the victim into opening a maliciously crafted PDF document.
Affected Products	Adobe Acrobat Standard older than 7.1.1 Adobe Acrobat Standard older than 8.1.4 Adobe Acrobat Standard older than 9.1
Recommended Actions	Apply the most recent upgrades or patches from the vendor: http://www.adobe.com/support/downloads/product.jsp?product=10&platform=Windows
Common Vulnerabilities and Exposures (CVE)	http://cve.mitre.org/cgi-bin/cvename.cgi?name=2009-0658
Reference/s	http://www.securityfocus.com/bid/33751 (BugTraq) http://milw0rm.com/exploits/8099 http://milw0rm.com/exploits/8280 http://milw0rm.org/exploits/8090 http://www.adobe.com/support/security/advisories/apsa09-01.html http://www.adobe.com/support/security/bulletins/apsb09-03.html

Reference: VID-17271