KLA10033
Multiple ACE vulnerabilities in Adobe Acrobat & Reader
Updated: 06/17/2019
Detect date
?
06/09/2009
Severity
?
Critical
Description

Multiple serious vulnerabilities have been found in Adobe Acrobat & Reader.

getAnnots and customDictionaryOpen methods in JavaScript API can be exploited to cause denial of service or execute arbitrary code through a specially designed pdf file.

Affected products

Adobe Acrobat & Reader 9 versions 9.1 and earlier
Adobe Acrobat & Reader 8 versions 8.1.4 and earlier
Adobe Acrobat & Reader versions 7.1.1 and earlier

Solution

Update to latest version
Reader

Original advisories

Adobe bulletin

Impacts
?
ACE 
[?]

DoS 
[?]
Related products
Adobe Reader
Adobe Acrobat
CVE-IDS
?
CVE-2009-14936.8High
CVE-2009-14929.3Critical