Intrusion PreventionAdobe.Reader.FDF.JavaScript.Execution
Description
This indicates an attack attempt against a JavaScript execution vulnerability
in Adobe software.
The vulnerability is caused by an error when the vulnerable software handles
a malicious FDF file. It allows a remote attacker to execute
JavaScript via sending a crafted web page.
Affected Products
Adobe Reader 9.2 and earlier versions for Windows, Macintosh, and UNIX.
Adobe Acrobat 9.2 and earlier versions for Windows and Macintosh.
Impact
Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems.
Recommended Actions
Adobe Reader users on Windows, Macintosh and UNIX can find the appropriate update here:
http://get.adobe.com/reader.
Acrobat
Acrobat Standard and Pro users on Windows can find the appropriate update here:
http://www.adobe.com/support/downloads/product.jsp?product=1&platform=Windows.
Acrobat Pro Extended users on Windows can find the appropriate update here: http://www.adobe.com/support/downloads/product.jsp?product=158&platform=Windows.
Acrobat 3D users on Windows can find the appropriate update here:
http://www.adobe.com/support/downloads/product.jsp?product=112&platform=Windows.
Acrobat Pro users on Macintosh can find the appropriate update here:
http://www.adobe.com/support/downloads/product.jsp?product=1&platform=Macintosh.
Telemetry
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
Version Updates
| Date | Version | Detail |
|---|---|---|
| 2021-01-11 | 16.995 |
| ID | 18105 |
| Created | Jan 12, 2010 |
| Updated | Jan 08, 2021 |
| Risk |
|
| CVE ID | CVE-2013-5325 CVE-2009-3956 |
| Exploit Prediction Score | 3.24% |
| Default Action | drop |
| Active | |
| Affected OS | Windows |
| Affected App | Adobe |