CVE-2009-4324

Confirmed PUBLISHED

Use-after-free vulnerability in the Doc.media.newPlayer method in Multimedia.api in Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on...

Adobe · Reader and Acrobat
Exploited in the wild PoC available

Recommended Action

Prioritize remediation. Validate affected assets and apply vendor fixes on an accelerated timeline.

Confidence
Confirmed
Exploitation Status
Exploited in the wild
Observed in Sensors
No
Attempts (30d)
Unique Attacker IPs
CISA KEV
In CISA KEV
CVSS / EPSS
7.8 High

At a Glance

Use-after-free vulnerability in the Doc.media.newPlayer method in Multimedia.api in Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code via a crafted PDF file using ZLib compressed streams, as exploited in the wild in December 2009.

macos metasploit cisa windows
CVE Published
Dec 15, 2009
Exploitation Reported
Jun 08, 2022
CVSS
7.8 High
EPSS
Low complexity Unauthenticated

Affected Versions

Vendor Product Version Status
n/a
n/a

n/a

Affected

CVE References

  • RHSA-2010:0060 redhat.com · Vendor Advisory http://www.redhat.com/support/errata/RHSA-2010-0060.html
  • SUSE-SA:2010:008 lists.opensuse.org · Vendor Advisory http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00009...
  • 37690 secunia.com · Third-Party Advisory http://secunia.com/advisories/37690
  • 38138 secunia.com · Third-Party Advisory http://secunia.com/advisories/38138
  • VU#508357 kb.cert.org · Third-Party Advisory http://www.kb.cert.org/vuls/id/508357
Show 16 more references

Recommended Actions

  • Prioritize remediation. Validate affected assets and apply vendor fixes on an accelerated timeline.
  • Check enrichment artifacts for scanner coverage and available PoCs before rolling remediation validation.
  • Use the Pro API to automate enrichment, telemetry, and workflow delivery for VM, SOC, and CTI pipelines.