CVE-2009-0658 – Adobe Acrobat Reader - JBIG2 Local Buffer Overflow (PoC)

https://notcve.org/view.php?id=CVE-2009-0658

Buffer overflow in Adobe Reader 9.0 and earlier, and Acrobat 9.0 and earlier, allows remote attackers to execute arbitrary code via a crafted PDF document, related to a non-JavaScript function call and possibly an embedded JBIG2 image stream, as exploited in the wild in February 2009 by Trojan.Pidief.E. Un desbordamiento del búfer en Adobe Reader versión 9.0 y anteriores, y Acrobat versión 9.0 y anteriores, permite a los atacantes remotos ejecutar código arbitrario por medio de un documento PDF creado, relacionado con una llamada a una función que no sea JavaScript y posiblemente una secuencia de imágenes del componente JBIG2 incrustada, tal como se explotó “in the wild” en febrero de 2009 por Trojan.Pidief.E. • https://www.exploit-db.com/exploits/8099 https://www.exploit-db.com/exploits/16593 https://www.exploit-db.com/exploits/16672 http://isc.sans.org/diary.html?n&storyid=5902 http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html http://osvdb.org/52073 http://secunia.com/advisories/33901 http://secunia.com/advisories/34392 http://secunia.com/advisories/34490 http://secunia.com/ad • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •