Launchpad.net

CVE 2009-0928

Heap-based buffer overflow in Adobe Acrobat Reader and Acrobat Professional 7.1.0, 8.1.3, 9.0.0, and other versions allows remote attackers to execute arbitrary code via a PDF file containing a JBIG2 stream with a size inconsistency related to an unspecified table.

Related bugs and status

CVE-2009-0928 (Candidate) is related to these bugs:

Bug #350239: New upstream acroread releases: 8.1.4 and 9.1

		In	Importance	Status
350239	New upstream acroread releases: 8.1.4 and 9.1	Medibuntu	Medium	Won't Fix
350239	New upstream acroread releases: 8.1.4 and 9.1	Medibuntu gutsy	High	Won't Fix
350239	New upstream acroread releases: 8.1.4 and 9.1	Medibuntu hardy	High	Won't Fix
350239	New upstream acroread releases: 8.1.4 and 9.1	Medibuntu intrepid	High	Won't Fix
350239	New upstream acroread releases: 8.1.4 and 9.1	Medibuntu jaunty	Medium	Won't Fix

Bug #384168: Please update Adobe Reader to either version 8.1.6 or 9.1.3

Summary				In	Importance	Status
	384168	Please update Adobe Reader to either version 8.1.6 or 9.1.3		The Dell Mini Project	Undecided	Confirmed

See the

CVE page on Mitre.org for more details.

References

IDEFENSE: 20090324 Adobe Reader ...
CONFIRM: http://www.adobe.com/s...
REDHAT: RHSA-2009:0376
BID: 34229
SECTRACK: 1021892
SECUNIA: 34392
SUSE: SUSE-SA:2009:014
SECUNIA: 34490
SUNALERT: 256788
SECUNIA: 34706
GENTOO: GLSA-200904-17
SUSE: SUSE-SR:2009:009
SECUNIA: 34790
VUPEN: ADV-2009-1019