CVE-2009-4324 (GCVE-0-2009-4324)
Vulnerability from cvelistv5
Published
2009-12-15 02:00
Modified
2025-07-30 01:47
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Use-after-free vulnerability in the Doc.media.newPlayer method in Multimedia.api in Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code via a crafted PDF file using ZLib compressed streams, as exploited in the wild in December 2009.
References
CISA Known exploited vulnerability
Data from the Known Exploited Vulnerabilities Catalog
Date added: 2022-06-08
Due date: 2022-06-22
Required action: Apply updates per vendor instructions.
Used in ransomware: Unknown
Notes: https://nvd.nist.gov/vuln/detail/CVE-2009-4324
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T07:01:20.249Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "37331",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/37331"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://blogs.adobe.com/psirt/2009/12/new_adobe_reader_and_acrobat_v.html"
},
{
"name": "37690",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/37690"
},
{
"name": "38138",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/38138"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=547799"
},
{
"name": "60980",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/60980"
},
{
"name": "VU#508357",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/508357"
},
{
"name": "acro-reader-unspecifed-code-execution(54747)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54747"
},
{
"name": "ADV-2009-3518",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/3518"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.metasploit.com/redmine/projects/framework/repository/revisions/7881/entry/modules/exploits/windows/fileformat/adobe_media_newplayer.rb"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.adobe.com/support/security/bulletins/apsb10-02.html"
},
{
"name": "oval:org.mitre.oval:def:6795",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6795"
},
{
"name": "RHSA-2010:0060",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0060.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://contagiodump.blogspot.com/2009/12/virustotal-httpwww.html"
},
{
"name": "ADV-2010-0103",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/0103"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.adobe.com/support/security/advisories/apsa09-07.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.symantec.com/connect/blogs/zero-day-xmas-present"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.shadowserver.org/wiki/pmwiki.php/Calendar/20091214"
},
{
"name": "38215",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/38215"
},
{
"name": "SUSE-SA:2010:008",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00009.html"
},
{
"name": "TA10-013A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA10-013A.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2009-4324",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-04T21:42:23.751240Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2022-06-08",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2009-4324"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-30T01:47:06.265Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"timeline": [
{
"lang": "en",
"time": "2022-06-08T00:00:00+00:00",
"value": "CVE-2009-4324 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-12-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in the Doc.media.newPlayer method in Multimedia.api in Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code via a crafted PDF file using ZLib compressed streams, as exploited in the wild in December 2009."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-18T12:57:01.000Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "37331",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/37331"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://blogs.adobe.com/psirt/2009/12/new_adobe_reader_and_acrobat_v.html"
},
{
"name": "37690",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/37690"
},
{
"name": "38138",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/38138"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=547799"
},
{
"name": "60980",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/60980"
},
{
"name": "VU#508357",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/508357"
},
{
"name": "acro-reader-unspecifed-code-execution(54747)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54747"
},
{
"name": "ADV-2009-3518",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/3518"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.metasploit.com/redmine/projects/framework/repository/revisions/7881/entry/modules/exploits/windows/fileformat/adobe_media_newplayer.rb"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.adobe.com/support/security/bulletins/apsb10-02.html"
},
{
"name": "oval:org.mitre.oval:def:6795",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6795"
},
{
"name": "RHSA-2010:0060",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0060.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://contagiodump.blogspot.com/2009/12/virustotal-httpwww.html"
},
{
"name": "ADV-2010-0103",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/0103"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.adobe.com/support/security/advisories/apsa09-07.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.symantec.com/connect/blogs/zero-day-xmas-present"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.shadowserver.org/wiki/pmwiki.php/Calendar/20091214"
},
{
"name": "38215",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/38215"
},
{
"name": "SUSE-SA:2010:008",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00009.html"
},
{
"name": "TA10-013A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA10-013A.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2009-4324",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use-after-free vulnerability in the Doc.media.newPlayer method in Multimedia.api in Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code via a crafted PDF file using ZLib compressed streams, as exploited in the wild in December 2009."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "37331",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/37331"
},
{
"name": "http://blogs.adobe.com/psirt/2009/12/new_adobe_reader_and_acrobat_v.html",
"refsource": "MISC",
"url": "http://blogs.adobe.com/psirt/2009/12/new_adobe_reader_and_acrobat_v.html"
},
{
"name": "37690",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37690"
},
{
"name": "38138",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38138"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=547799",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=547799"
},
{
"name": "60980",
"refsource": "OSVDB",
"url": "http://osvdb.org/60980"
},
{
"name": "VU#508357",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/508357"
},
{
"name": "acro-reader-unspecifed-code-execution(54747)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54747"
},
{
"name": "ADV-2009-3518",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/3518"
},
{
"name": "http://www.metasploit.com/redmine/projects/framework/repository/revisions/7881/entry/modules/exploits/windows/fileformat/adobe_media_newplayer.rb",
"refsource": "MISC",
"url": "http://www.metasploit.com/redmine/projects/framework/repository/revisions/7881/entry/modules/exploits/windows/fileformat/adobe_media_newplayer.rb"
},
{
"name": "http://www.adobe.com/support/security/bulletins/apsb10-02.html",
"refsource": "CONFIRM",
"url": "http://www.adobe.com/support/security/bulletins/apsb10-02.html"
},
{
"name": "oval:org.mitre.oval:def:6795",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6795"
},
{
"name": "RHSA-2010:0060",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0060.html"
},
{
"name": "http://contagiodump.blogspot.com/2009/12/virustotal-httpwww.html",
"refsource": "MISC",
"url": "http://contagiodump.blogspot.com/2009/12/virustotal-httpwww.html"
},
{
"name": "ADV-2010-0103",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/0103"
},
{
"name": "http://www.adobe.com/support/security/advisories/apsa09-07.html",
"refsource": "CONFIRM",
"url": "http://www.adobe.com/support/security/advisories/apsa09-07.html"
},
{
"name": "http://www.symantec.com/connect/blogs/zero-day-xmas-present",
"refsource": "MISC",
"url": "http://www.symantec.com/connect/blogs/zero-day-xmas-present"
},
{
"name": "http://www.shadowserver.org/wiki/pmwiki.php/Calendar/20091214",
"refsource": "MISC",
"url": "http://www.shadowserver.org/wiki/pmwiki.php/Calendar/20091214"
},
{
"name": "38215",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38215"
},
{
"name": "SUSE-SA:2010:008",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00009.html"
},
{
"name": "TA10-013A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA10-013A.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2009-4324",
"datePublished": "2009-12-15T02:00:00.000Z",
"dateReserved": "2009-12-14T00:00:00.000Z",
"dateUpdated": "2025-07-30T01:47:06.265Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"cisa_known_exploited": {
"cveID": "CVE-2009-4324",
"cwes": "[\"CWE-399\"]",
"dateAdded": "2022-06-08",
"dueDate": "2022-06-22",
"knownRansomwareCampaignUse": "Unknown",
"notes": "https://nvd.nist.gov/vuln/detail/CVE-2009-4324",
"product": "Acrobat and Reader",
"requiredAction": "Apply updates per vendor instructions.",
"shortDescription": "Use-after-free vulnerability in Adobe Acrobat and Reader allows remote attackers to execute code via a crafted PDF file.",
"vendorProject": "Adobe",
"vulnerabilityName": "Adobe Acrobat and Reader Use-After-Free Vulnerability"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2009-4324\",\"sourceIdentifier\":\"psirt@adobe.com\",\"published\":\"2009-12-15T02:30:00.217\",\"lastModified\":\"2025-04-09T00:30:58.490\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Use-after-free vulnerability in the Doc.media.newPlayer method in Multimedia.api in Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code via a crafted PDF file using ZLib compressed streams, as exploited in the wild in December 2009.\"},{\"lang\":\"es\",\"value\":\"La vulnerabilidad de uso de la memoria previamente liberada (Use-after-free) en la funci\u00f3n Doc.media.newPlayer en el archivo Multimedia.api en Adobe Reader y Acrobat versi\u00f3n 9.x anterior a 9.3, y versi\u00f3n 8.x anterior a 8.2 en Windows y Mac OS X, permite a los atacantes remotos ejecutar c\u00f3digo arbitrario por medio de un archivo PDF creado utilizando una transmisi\u00f3n comprimida ZLib, tal como se explot\u00f3 \u201cin the wild\u201d en diciembre de 2009.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:C/I:C/A:C\",\"baseScore\":9.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":8.6,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"cisaExploitAdd\":\"2022-06-08\",\"cisaActionDue\":\"2022-06-22\",\"cisaRequiredAction\":\"Apply updates per vendor instructions.\",\"cisaVulnerabilityName\":\"Adobe Acrobat and Reader Use-After-Free Vulnerability\",\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-416\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-416\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.0\",\"versionEndExcluding\":\"8.2\",\"matchCriteriaId\":\"9670133C-09FA-41F2-B0F7-BFE960E30B71\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"9.0\",\"versionEndExcluding\":\"9.3\",\"matchCriteriaId\":\"EA95CC75-BF25-4BEB-B646-ACDBBE32AF4F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.0\",\"versionEndExcluding\":\"8.2\",\"matchCriteriaId\":\"3A8B3441-727A-4A78-A5A4-5A5011075510\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"9.0\",\"versionEndExcluding\":\"9.3\",\"matchCriteriaId\":\"AADB6D5C-5448-4FF7-BB7B-3641EA56194E\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4781BF1E-8A4E-4AFF-9540-23D523EE30DD\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A2572D17-1DE6-457B-99CC-64AFD54487EA\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:suse:linux_enterprise_debuginfo:11:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"C76D0C17-2AFF-4209-BBCD-36166DF7F974\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:opensuse:11.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FBF7B6A8-3DF9-46EC-A90E-6EF68C39F883\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:opensuse:11.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A01C8B7E-EB19-40EA-B1D2-9AE5EA536C95\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise:10.0:sp2:*:*:*:*:*:*\",\"matchCriteriaId\":\"6A3B50EE-F432-40BE-B422-698955A6058D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise:10.0:sp3:*:*:*:*:*:*\",\"matchCriteriaId\":\"1193A7E6-DCB4-4E79-A509-1D6948153A57\"}]}]}],\"references\":[{\"url\":\"http://blogs.adobe.com/psirt/2009/12/new_adobe_reader_and_acrobat_v.html\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Broken Link\",\"Vendor Advisory\"]},{\"url\":\"http://contagiodump.blogspot.com/2009/12/virustotal-httpwww.html\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00009.html\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://osvdb.org/60980\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/37690\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Broken Link\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/38138\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Broken Link\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/38215\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Broken Link\",\"Vendor Advisory\"]},{\"url\":\"http://www.adobe.com/support/security/advisories/apsa09-07.html\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.adobe.com/support/security/bulletins/apsb10-02.html\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Not Applicable\"]},{\"url\":\"http://www.kb.cert.org/vuls/id/508357\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"http://www.metasploit.com/redmine/projects/framework/repository/revisions/7881/entry/modules/exploits/windows/fileformat/adobe_media_newplayer.rb\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2010-0060.html\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.securityfocus.com/bid/37331\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Broken Link\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.shadowserver.org/wiki/pmwiki.php/Calendar/20091214\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.symantec.com/connect/blogs/zero-day-xmas-present\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA10-013A.html\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"http://www.vupen.com/english/advisories/2009/3518\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Broken Link\",\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2010/0103\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=547799\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/54747\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6795\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://blogs.adobe.com/psirt/2009/12/new_adobe_reader_and_acrobat_v.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Vendor Advisory\"]},{\"url\":\"http://contagiodump.blogspot.com/2009/12/virustotal-httpwww.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00009.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://osvdb.org/60980\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/37690\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/38138\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/38215\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Vendor Advisory\"]},{\"url\":\"http://www.adobe.com/support/security/advisories/apsa09-07.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.adobe.com/support/security/bulletins/apsb10-02.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Not Applicable\"]},{\"url\":\"http://www.kb.cert.org/vuls/id/508357\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"http://www.metasploit.com/redmine/projects/framework/repository/revisions/7881/entry/modules/exploits/windows/fileformat/adobe_media_newplayer.rb\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2010-0060.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.securityfocus.com/bid/37331\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.shadowserver.org/wiki/pmwiki.php/Calendar/20091214\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.symantec.com/connect/blogs/zero-day-xmas-present\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA10-013A.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"http://www.vupen.com/english/advisories/2009/3518\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2010/0103\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=547799\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/54747\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6795\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"http://www.securityfocus.com/bid/37331\", \"name\": \"37331\", \"tags\": [\"vdb-entry\", \"x_refsource_BID\", \"x_transferred\"]}, {\"url\": \"http://blogs.adobe.com/psirt/2009/12/new_adobe_reader_and_acrobat_v.html\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/37690\", \"name\": \"37690\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/38138\", \"name\": \"38138\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=547799\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://osvdb.org/60980\", \"name\": \"60980\", \"tags\": [\"vdb-entry\", \"x_refsource_OSVDB\", \"x_transferred\"]}, {\"url\": \"http://www.kb.cert.org/vuls/id/508357\", \"name\": \"VU#508357\", \"tags\": [\"third-party-advisory\", \"x_refsource_CERT-VN\", \"x_transferred\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/54747\", \"name\": \"acro-reader-unspecifed-code-execution(54747)\", \"tags\": [\"vdb-entry\", \"x_refsource_XF\", \"x_transferred\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2009/3518\", \"name\": \"ADV-2009-3518\", \"tags\": [\"vdb-entry\", \"x_refsource_VUPEN\", \"x_transferred\"]}, {\"url\": \"http://www.metasploit.com/redmine/projects/framework/repository/revisions/7881/entry/modules/exploits/windows/fileformat/adobe_media_newplayer.rb\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"http://www.adobe.com/support/security/bulletins/apsb10-02.html\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6795\", \"name\": \"oval:org.mitre.oval:def:6795\", \"tags\": [\"vdb-entry\", \"signature\", \"x_refsource_OVAL\", \"x_transferred\"]}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2010-0060.html\", \"name\": \"RHSA-2010:0060\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"http://contagiodump.blogspot.com/2009/12/virustotal-httpwww.html\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2010/0103\", \"name\": \"ADV-2010-0103\", \"tags\": [\"vdb-entry\", \"x_refsource_VUPEN\", \"x_transferred\"]}, {\"url\": \"http://www.adobe.com/support/security/advisories/apsa09-07.html\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://www.symantec.com/connect/blogs/zero-day-xmas-present\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"http://www.shadowserver.org/wiki/pmwiki.php/Calendar/20091214\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/38215\", \"name\": \"38215\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00009.html\", \"name\": \"SUSE-SA:2010:008\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\", \"x_transferred\"]}, {\"url\": \"http://www.us-cert.gov/cas/techalerts/TA10-013A.html\", \"name\": \"TA10-013A\", \"tags\": [\"third-party-advisory\", \"x_refsource_CERT\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-07T07:01:20.249Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.8, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2009-4324\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"active\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-02-04T21:42:23.751240Z\"}}}, {\"other\": {\"type\": \"kev\", \"content\": {\"dateAdded\": \"2022-06-08\", \"reference\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2009-4324\"}}}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2022-06-08T00:00:00+00:00\", \"value\": \"CVE-2009-4324 added to CISA KEV\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-416\", \"description\": \"CWE-416 Use After Free\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-02-04T21:42:30.566Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"n/a\", \"product\": \"n/a\", \"versions\": [{\"status\": \"affected\", \"version\": \"n/a\"}]}], \"datePublic\": \"2009-12-14T00:00:00.000Z\", \"references\": [{\"url\": \"http://www.securityfocus.com/bid/37331\", \"name\": \"37331\", \"tags\": [\"vdb-entry\", \"x_refsource_BID\"]}, {\"url\": \"http://blogs.adobe.com/psirt/2009/12/new_adobe_reader_and_acrobat_v.html\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"http://secunia.com/advisories/37690\", \"name\": \"37690\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://secunia.com/advisories/38138\", \"name\": \"38138\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=547799\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://osvdb.org/60980\", \"name\": \"60980\", \"tags\": [\"vdb-entry\", \"x_refsource_OSVDB\"]}, {\"url\": \"http://www.kb.cert.org/vuls/id/508357\", \"name\": \"VU#508357\", \"tags\": [\"third-party-advisory\", \"x_refsource_CERT-VN\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/54747\", \"name\": \"acro-reader-unspecifed-code-execution(54747)\", \"tags\": [\"vdb-entry\", \"x_refsource_XF\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2009/3518\", \"name\": \"ADV-2009-3518\", \"tags\": [\"vdb-entry\", \"x_refsource_VUPEN\"]}, {\"url\": \"http://www.metasploit.com/redmine/projects/framework/repository/revisions/7881/entry/modules/exploits/windows/fileformat/adobe_media_newplayer.rb\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"http://www.adobe.com/support/security/bulletins/apsb10-02.html\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6795\", \"name\": \"oval:org.mitre.oval:def:6795\", \"tags\": [\"vdb-entry\", \"signature\", \"x_refsource_OVAL\"]}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2010-0060.html\", \"name\": \"RHSA-2010:0060\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"http://contagiodump.blogspot.com/2009/12/virustotal-httpwww.html\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2010/0103\", \"name\": \"ADV-2010-0103\", \"tags\": [\"vdb-entry\", \"x_refsource_VUPEN\"]}, {\"url\": \"http://www.adobe.com/support/security/advisories/apsa09-07.html\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://www.symantec.com/connect/blogs/zero-day-xmas-present\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"http://www.shadowserver.org/wiki/pmwiki.php/Calendar/20091214\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"http://secunia.com/advisories/38215\", \"name\": \"38215\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00009.html\", \"name\": \"SUSE-SA:2010:008\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\"]}, {\"url\": \"http://www.us-cert.gov/cas/techalerts/TA10-013A.html\", \"name\": \"TA10-013A\", \"tags\": [\"third-party-advisory\", \"x_refsource_CERT\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Use-after-free vulnerability in the Doc.media.newPlayer method in Multimedia.api in Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code via a crafted PDF file using ZLib compressed streams, as exploited in the wild in December 2009.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"n/a\"}]}], \"providerMetadata\": {\"orgId\": \"078d4453-3bcd-4900-85e6-15281da43538\", \"shortName\": \"adobe\", \"dateUpdated\": \"2017-09-18T12:57:01.000Z\"}, \"x_legacyV4Record\": {\"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"version\": {\"version_data\": [{\"version_value\": \"n/a\"}]}, \"product_name\": \"n/a\"}]}, \"vendor_name\": \"n/a\"}]}}, \"data_type\": \"CVE\", \"references\": {\"reference_data\": [{\"url\": \"http://www.securityfocus.com/bid/37331\", \"name\": \"37331\", \"refsource\": \"BID\"}, {\"url\": \"http://blogs.adobe.com/psirt/2009/12/new_adobe_reader_and_acrobat_v.html\", \"name\": \"http://blogs.adobe.com/psirt/2009/12/new_adobe_reader_and_acrobat_v.html\", \"refsource\": \"MISC\"}, {\"url\": \"http://secunia.com/advisories/37690\", \"name\": \"37690\", \"refsource\": \"SECUNIA\"}, {\"url\": \"http://secunia.com/advisories/38138\", \"name\": \"38138\", \"refsource\": \"SECUNIA\"}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=547799\", \"name\": \"https://bugzilla.redhat.com/show_bug.cgi?id=547799\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://osvdb.org/60980\", \"name\": \"60980\", \"refsource\": \"OSVDB\"}, {\"url\": \"http://www.kb.cert.org/vuls/id/508357\", \"name\": \"VU#508357\", \"refsource\": \"CERT-VN\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/54747\", \"name\": \"acro-reader-unspecifed-code-execution(54747)\", \"refsource\": \"XF\"}, {\"url\": \"http://www.vupen.com/english/advisories/2009/3518\", \"name\": \"ADV-2009-3518\", \"refsource\": \"VUPEN\"}, {\"url\": \"http://www.metasploit.com/redmine/projects/framework/repository/revisions/7881/entry/modules/exploits/windows/fileformat/adobe_media_newplayer.rb\", \"name\": \"http://www.metasploit.com/redmine/projects/framework/repository/revisions/7881/entry/modules/exploits/windows/fileformat/adobe_media_newplayer.rb\", \"refsource\": \"MISC\"}, {\"url\": \"http://www.adobe.com/support/security/bulletins/apsb10-02.html\", \"name\": \"http://www.adobe.com/support/security/bulletins/apsb10-02.html\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6795\", \"name\": \"oval:org.mitre.oval:def:6795\", \"refsource\": \"OVAL\"}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2010-0060.html\", \"name\": \"RHSA-2010:0060\", \"refsource\": \"REDHAT\"}, {\"url\": \"http://contagiodump.blogspot.com/2009/12/virustotal-httpwww.html\", \"name\": \"http://contagiodump.blogspot.com/2009/12/virustotal-httpwww.html\", \"refsource\": \"MISC\"}, {\"url\": \"http://www.vupen.com/english/advisories/2010/0103\", \"name\": \"ADV-2010-0103\", \"refsource\": \"VUPEN\"}, {\"url\": \"http://www.adobe.com/support/security/advisories/apsa09-07.html\", \"name\": \"http://www.adobe.com/support/security/advisories/apsa09-07.html\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://www.symantec.com/connect/blogs/zero-day-xmas-present\", \"name\": \"http://www.symantec.com/connect/blogs/zero-day-xmas-present\", \"refsource\": \"MISC\"}, {\"url\": \"http://www.shadowserver.org/wiki/pmwiki.php/Calendar/20091214\", \"name\": \"http://www.shadowserver.org/wiki/pmwiki.php/Calendar/20091214\", \"refsource\": \"MISC\"}, {\"url\": \"http://secunia.com/advisories/38215\", \"name\": \"38215\", \"refsource\": \"SECUNIA\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00009.html\", \"name\": \"SUSE-SA:2010:008\", \"refsource\": \"SUSE\"}, {\"url\": \"http://www.us-cert.gov/cas/techalerts/TA10-013A.html\", \"name\": \"TA10-013A\", \"refsource\": \"CERT\"}]}, \"data_format\": \"MITRE\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"Use-after-free vulnerability in the Doc.media.newPlayer method in Multimedia.api in Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code via a crafted PDF file using ZLib compressed streams, as exploited in the wild in December 2009.\"}]}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"n/a\"}]}]}, \"data_version\": \"4.0\", \"CVE_data_meta\": {\"ID\": \"CVE-2009-4324\", \"STATE\": \"PUBLIC\", \"ASSIGNER\": \"psirt@adobe.com\"}}}}",
"cveMetadata": "{\"cveId\": \"CVE-2009-4324\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-07-30T01:47:06.265Z\", \"dateReserved\": \"2009-12-14T00:00:00.000Z\", \"assignerOrgId\": \"078d4453-3bcd-4900-85e6-15281da43538\", \"datePublished\": \"2009-12-15T02:00:00.000Z\", \"assignerShortName\": \"adobe\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…