Check Point Advisories

Preemptive Protection against Adobe Reader Null-Pointer Dereference Denial of Service Vulnerability (APSB10-02)

Check Point Reference: CPAI-2010-008
Date Published: 13 Jan 2010
Severity: High
Last Updated: Friday 01 January, 2010
Source: Adobe Security Bulletin - APSB10-02
Industry Reference:CVE-2009-3957
Protection Provided by:
Who is Vulnerable? Adobe Reader 9.2 and earlier versions for Windows, Macintosh, and UNIX
Adobe Acrobat 9.2 and earlier versions for Windows and Macintosh
Vulnerability Description A denial of service vulnerability has been discovered in Adobe Reader and Acrobat. A remote attacker can exploit this vulnerability to execute arbitrary code on an affected system via a specially crafted PDF file. Portable Document Format (PDF) is an open file format created by Adobe Systems. It is used for representing two-dimensional documents in a device and resolution independent fixed-layout document format. Successful exploitation of this issue will cause the application to become non-responsive.
Update/Patch AvaliableUpdate patches:
Adobe Security Bulletin - APSB10-02
Vulnerability DetailsThe vulnerability is due to a flaw in Adobe products when parsing a FlateDecode filter inside a PDF file. A remote attacker could trigger this issue via a specially crafted PDF file. Successful exploitation will create a denial of service condition, causing the application to become non-responsive once a malicious PDF file is loaded on a vulnerable system.

Protection Overview

×
  Feedback
This website uses cookies for its functionality and for analytics and marketing purposes. By continuing to use this website, you agree to the use of cookies. For more information, please read our Cookies Notice.
OK