Adobe Acrobat <= 9.1.3 - Stack Exhaustion Denial of Service Vulnerability



EDB-ID: 33017 CVE: 2009-3431 OSVDB-ID: 58415
Author: Saint Patrick Published: 2009-05-29 Verified: Verified
Exploit Code:   Download Vulnerable App:   N/A

Rating

(0.0)
Prev Home Next
source: http://www.securityfocus.com/bid/35148/info

Adobe Acrobat is prone to a denial-of-service vulnerability because it fails to perform adequate boundary checks on user-supplied data.

Attackers can exploit this issue to cause the affected application to crash, effectively denying service. Attackers may also be able to execute arbitrary code, but this has not been confirmed.

Acrobat 9.1.1 is vulnerable; other versions may also be affected.

NOTE: This BID was previously classified as a buffer-overflow issue, but further analysis reveals that it is a stack-exhaustion issue. Code execution is unlikely. 

http://www.exploit-db.com/sploits/33017.pdf