What is the severity of CVE-2009-1856?

CVE-2009-1856 is classified as a moderate severity vulnerability due to its potential to cause denial of service or remote code execution.

How do I fix CVE-2009-1856?

To remediate CVE-2009-1856, upgrade Adobe Reader and Acrobat to versions 7.1.3, 8.1.6, or 9.1.2 or later.

Which versions of Adobe Reader are affected by CVE-2009-1856?

CVE-2009-1856 affects Adobe Reader versions 7 prior to 7.1.3, 8 prior to 8.1.6, and 9 prior to 9.1.2.

What type of vulnerability is CVE-2009-1856?

CVE-2009-1856 is an integer overflow vulnerability that can lead to denial of service and potentially allow arbitrary code execution.

Can CVE-2009-1856 be exploited remotely?

Yes, CVE-2009-1856 can be exploited remotely through specially crafted PDF files.

Vulnerability/
CVE-2009-1856

critical

9.3

CWE

189 119 190

11/6/2009

17/8/2017

CVE-2009-1856: Buffer Overflow

First published: Thu Jun 11 2009(Updated: )

Integer overflow in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Reader 9 and Acrobat 9 before 9.1.2 allows attackers to cause a denial of service or possibly execute arbitrary code via a PDF file containing unspecified parameters to the FlateDecode filter, which triggers a heap-based buffer overflow.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Adobe Acrobat Reader Notification Manager	=9
Adobe Acrobat Reader Notification Manager	=7.0.9
Adobe Acrobat Reader	=8.0
Adobe Acrobat Reader	=7.0.6
Adobe Acrobat Reader	=8.1.2
Adobe Acrobat Reader	=7.1
Adobe Acrobat Reader	=8.1.4
Adobe Acrobat Reader	=7.1
Adobe Acrobat Reader	=8.1.1
Adobe Acrobat Reader	=8.0
Adobe Acrobat Reader	=9.1
Adobe Acrobat Reader	=8.1.4
Adobe Acrobat Reader Notification Manager	=7.0.5
Adobe Acrobat Reader Notification Manager	=7.0.6
Adobe Acrobat Reader	=8.1.1
Adobe Acrobat Reader	=7.0.2
Adobe Acrobat Reader	=7.0.3
Adobe Acrobat Reader	=7.0
Adobe Acrobat Reader	=7.1.0
Adobe Acrobat Reader	=7.0
Adobe Acrobat Reader Notification Manager	=9.1
Adobe Acrobat Reader	=7.0.8
Adobe Acrobat Reader Notification Manager	=7.0.8
Adobe Acrobat Reader	=7.1.1
Adobe Acrobat Reader	=7.0.5
Adobe Acrobat Reader	=8.1
Adobe Acrobat Reader	=8.1.1
Adobe Acrobat Reader	=8.1
Adobe Acrobat Reader	=9.0
Adobe Acrobat Reader Notification Manager	=8.0
Adobe Acrobat Reader	=7.0.6
Adobe Acrobat Reader Notification Manager	=7.0.7
Adobe Acrobat Reader Notification Manager	=8.1.5
Adobe Acrobat Reader	=7.0.3
Adobe Acrobat Reader	=7.0.4
Adobe Acrobat Reader	=7.0.6
Adobe Acrobat Reader	=7.1
Adobe Acrobat Reader	=9
Adobe Acrobat Reader	=7.0.5
Adobe Acrobat Reader Notification Manager	=7.0.3
Adobe Acrobat Reader	=7.0.2
Adobe Acrobat Reader Notification Manager	=9.1.1
Adobe Acrobat Reader	=8.1.3
Adobe Acrobat Reader Notification Manager	=7.0.1
Adobe Acrobat Reader	=9.1
Adobe Acrobat Reader	=7.0.7
Adobe Acrobat Reader	=8.1.2
Adobe Acrobat Reader Notification Manager	=7.0.2
Adobe Acrobat Reader	=7.1.1
Adobe Acrobat Reader Notification Manager	=7.0
Adobe Acrobat Reader Notification Manager	=8.1.4
Adobe Acrobat Reader	=7.0.7
Adobe Acrobat Reader	=8.1.4
Adobe Acrobat Reader Notification Manager	=8.1.2
Adobe Acrobat Reader	=7.0.9
Adobe Acrobat Reader	=7.0.8
Adobe Acrobat Reader Notification Manager	=8.1.1
Adobe Acrobat Reader	=7.0.1
Adobe Acrobat Reader	=7.0.1
Adobe Acrobat Reader	=7.0.5
Adobe Acrobat Reader Notification Manager	=8.1
Adobe Acrobat Reader	=7.0.4
Adobe Acrobat Reader	=8.0
Adobe Acrobat Reader	=7.0.7
Adobe Acrobat Reader Notification Manager	=8.1.3
Adobe Acrobat Reader Notification Manager	=7.1.1
Adobe Acrobat Reader	=7.0.4
Adobe Acrobat Reader	=9.0.0
Adobe Acrobat Reader	=8.1.3
Adobe Acrobat Reader	=7.0.9
Adobe Acrobat Reader Notification Manager	=8.1.2-security_update
Adobe Acrobat Reader	=7.0.8
Adobe Acrobat Reader	=7.0.2
Adobe Acrobat Reader	=8.1.2
Adobe Acrobat Reader Notification Manager	=7.1
Adobe Acrobat Reader	=7.0.3
Adobe Acrobat Reader	=7.0
Adobe Acrobat Reader	=8.1.2-security_update
Adobe Acrobat Reader	=8.1.3
Adobe Acrobat Reader	=9.0
Adobe Acrobat Reader Notification Manager	=7.0.4
Adobe Acrobat Reader	=7.0.1
Adobe Acrobat Reader	=7.0.8

Remedy

http://www.adobe.com/support/security/bulletins/apsb09-07.html

Remedy

http://www.vupen.com/english/advisories/2009/1547

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2009-1856?
CVE-2009-1856 is classified as a moderate severity vulnerability due to its potential to cause denial of service or remote code execution.
How do I fix CVE-2009-1856?
To remediate CVE-2009-1856, upgrade Adobe Reader and Acrobat to versions 7.1.3, 8.1.6, or 9.1.2 or later.
Which versions of Adobe Reader are affected by CVE-2009-1856?
CVE-2009-1856 affects Adobe Reader versions 7 prior to 7.1.3, 8 prior to 8.1.6, and 9 prior to 9.1.2.
What type of vulnerability is CVE-2009-1856?
CVE-2009-1856 is an integer overflow vulnerability that can lead to denial of service and potentially allow arbitrary code execution.
Can CVE-2009-1856 be exploited remotely?
Yes, CVE-2009-1856 can be exploited remotely through specially crafted PDF files.

agent/type
agent/remedy
agent/last-modified-date
agent/first-publish-date
agent/weakness
agent/author
agent/references
agent/severity
agent/softwarecombine
agent/tags
agent/description
agent/event
collector/nvd-historical
agent/software-canonical-lookup-request
collector/nvd-index
vendor/adobe
canonical/adobe acrobat reader notification manager
version/adobe acrobat reader notification manager/9
version/adobe acrobat reader notification manager/7.0.9
canonical/adobe acrobat reader
version/adobe acrobat reader/8.0
version/adobe acrobat reader/7.0.6
version/adobe acrobat reader/8.1.2
version/adobe acrobat reader/7.1
version/adobe acrobat reader/8.1.4
version/adobe acrobat reader/8.1.1
version/adobe acrobat reader/9.1
version/adobe acrobat reader notification manager/7.0.5
version/adobe acrobat reader notification manager/7.0.6
version/adobe acrobat reader/7.0.2
version/adobe acrobat reader/7.0.3
version/adobe acrobat reader/7.0
version/adobe acrobat reader/7.1.0
version/adobe acrobat reader notification manager/9.1
version/adobe acrobat reader/7.0.8
version/adobe acrobat reader notification manager/7.0.8
version/adobe acrobat reader/7.1.1
version/adobe acrobat reader/7.0.5
version/adobe acrobat reader/8.1
version/adobe acrobat reader/9.0
version/adobe acrobat reader notification manager/8.0
version/adobe acrobat reader notification manager/7.0.7
version/adobe acrobat reader notification manager/8.1.5
version/adobe acrobat reader/7.0.4
version/adobe acrobat reader/9
version/adobe acrobat reader notification manager/7.0.3
version/adobe acrobat reader notification manager/9.1.1
version/adobe acrobat reader/8.1.3
version/adobe acrobat reader notification manager/7.0.1
version/adobe acrobat reader/7.0.7
version/adobe acrobat reader notification manager/7.0.2
version/adobe acrobat reader notification manager/7.0
version/adobe acrobat reader notification manager/8.1.4
version/adobe acrobat reader notification manager/8.1.2
version/adobe acrobat reader/7.0.9
version/adobe acrobat reader notification manager/8.1.1
version/adobe acrobat reader/7.0.1
version/adobe acrobat reader notification manager/8.1
version/adobe acrobat reader notification manager/8.1.3
version/adobe acrobat reader notification manager/7.1.1
version/adobe acrobat reader/9.0.0
version/adobe acrobat reader notification manager/8.1.2-security_update
version/adobe acrobat reader notification manager/7.1
version/adobe acrobat reader/8.1.2-security_update
version/adobe acrobat reader notification manager/7.0.4

CVE-2009-1856: Buffer Overflow

Remedy

Remedy

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2009-1856?

How do I fix CVE-2009-1856?

Which versions of Adobe Reader are affected by CVE-2009-1856?

What type of vulnerability is CVE-2009-1856?

Can CVE-2009-1856 be exploited remotely?

Company

Resources

Contact