Adobe Acrobat <= 9.1.3 - Stack Exhaustion Denial of Service Vulnerability

EDB-ID: 33017 CVE: 2009-3431 OSVDB-ID: 58415
Verified: Author: Saint Patrick Published: 2009-05-29
Download Exploit: Source Raw Download Vulnerable App: N/A

Adobe Acrobat is prone to a denial-of-service vulnerability because it fails to perform adequate boundary checks on user-supplied data.

Attackers can exploit this issue to cause the affected application to crash, effectively denying service. Attackers may also be able to execute arbitrary code, but this has not been confirmed.

Acrobat 9.1.1 is vulnerable; other versions may also be affected.

NOTE: This BID was previously classified as a buffer-overflow issue, but further analysis reveals that it is a stack-exhaustion issue. Code execution is unlikely.