CVE-2009-4324

HIGH KEV

Adobe Reader/Acrobat <9.3-8.2 - RCE

Title source: llm

Description

Use-after-free vulnerability in the Doc.media.newPlayer method in Multimedia.api in Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code via a crafted PDF file using ZLib compressed streams, as exploited in the wild in December 2009.

Exploits (5)

exploitdb WORKING POC VERIFIED
by Metasploit · ruby · local · windows
https://www.exploit-db.com/exploits/16623
exploitdb WORKING POC VERIFIED
by Metasploit · ruby · local · windows
https://www.exploit-db.com/exploits/16503
exploitdb WORKING POC VERIFIED
by Ahmed Obied · python · local · windows
https://www.exploit-db.com/exploits/10618
metasploit WORKING POC GOOD
by unknown, hdm, pusscat, jduck, jabra · ruby · poc · win
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/browser/adobe_media_newplayer.rb
metasploit WORKING POC GOOD
by unknown, hdm, pusscat, jduck · ruby · poc · win
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/fileformat/adobe_media_newplayer.rb

References (22)

Scores

CVSS v3 7.8
EPSS 0.9286
EPSS Percentile 99.8%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CISA KEV 2022-06-08
VulnCheck KEV 2009-12-15
InTheWild.io 2018-10-30
ENISA EUVD EUVD-2009-4292
CWE CWE-416
Status published
Products (6)
adobe/acrobat 8.0 - 8.2
adobe/acrobat_reader 8.0 - 8.2
opensuse/opensuse 11.1
opensuse/opensuse 11.2
suse/linux_enterprise 10.0 sp2 (2 CPE variants)
suse/linux_enterprise_debuginfo 11
Published Dec 15, 2009
KEV Added Jun 08, 2022
Tracked Since Feb 18, 2026