Adobe Reader and Acrobat (CVE-2009-2994) U3D 'CLODMeshDeclaration' Buffer Overflow Vulnerability

Adobe Reader and Acrobat are prone to a buffer-overflow vulnerability because the applications fail to perform adequate boundary-checks on user-supplied data.

Successfully exploiting this issue may allow attackers to execute arbitrary code within the context of the affected applications. Failed exploit attempts will result in a denial-of-service condition.

This issue affects versions *prior to* Reader and Acrobat 7.1.4, 8.1.7, and 9.2.

This issue was previously covered in BID 36638 (Adobe Reader and Acrobat October 2009 Multiple Remote Vulnerabilities), but has been given its own record to better document it.


Privacy Statement
Copyright 2010, SecurityFocus