CVE-2009-4324
Basic Information
- CVE State: PUBLISHED
- Reserved Date: December 14, 2009
- Published Date: December 15, 2009
- Last Updated: February 04, 2025
- Vendor: Adobe
- Product: Reader and Acrobat
- Description: Use-after-free vulnerability in the Doc.media.newPlayer method in Multimedia.api in Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code via a crafted PDF file using ZLib compressed streams, as exploited in the wild in December 2009.
- Tags: windows, macos, cisa, metasploit_scanner
- Exploitation: active
- Technical Impact: total
- Exploited in the Wild: Yes (2022-06-08 00:00:00 UTC)
CVSS Scores
CVSS v3.1
7.8 - HIGH
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVSS v2.0
9.3
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
SSVC Information
Exploit Status
References
http://www.securityfocus.com/bid/37331
http://blogs.adobe.com/psirt/2009/12/new_adobe_reader_and_acrobat_v.html
http://secunia.com/advisories/37690
http://secunia.com/advisories/38138
https://bugzilla.redhat.com/show_bug.cgi?id=547799
http://osvdb.org/60980
http://www.kb.cert.org/vuls/id/508357
https://exchange.xforce.ibmcloud.com/vulnerabilities/54747
http://www.vupen.com/english/advisories/2009/3518
http://www.metasploit.com/redmine/projects/framework/repository/revisions/7881/entry/modules/exploits/windows/fileformat/adobe_media_newplayer.rb
http://www.adobe.com/support/security/bulletins/apsb10-02.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6795
http://www.redhat.com/support/errata/RHSA-2010-0060.html
http://contagiodump.blogspot.com/2009/12/virustotal-httpwww.html
http://www.vupen.com/english/advisories/2010/0103
http://www.adobe.com/support/security/advisories/apsa09-07.html
http://www.symantec.com/connect/blogs/zero-day-xmas-present
http://www.shadowserver.org/wiki/pmwiki.php/Calendar/20091214
http://secunia.com/advisories/38215
http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00009.html
http://www.us-cert.gov/cas/techalerts/TA10-013A.html
Known Exploited Vulnerability Information
Source | Added Date |
---|---|
CISA | 2022-06-08 00:00:00 UTC |
Scanner Integrations
Scanner | URL | Date Detected |
---|---|---|
Metasploit | https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/fileformat/adobe_media_newplayer.rb | 2025-04-29 11:01:34 UTC |
Potential Proof of Concepts
Warning: These PoCs have not been tested and could contain malware. Use at your own risk.
adobe_media_newplayer
Type: metasploit • Created: Unknown
Metasploit module for CVE-2009-4324
Timeline
- CVE ID Reserved
- CVE Published to Public
- Added to KEVIntel
- Detected by Metasploit