A vulnerability has been identified in Adobe Reader and Acrobat, which could be exploited by remote attackers to compromise a vulnerable system. This issue is caused by a use-after-free error within the "DocMedia.newPlayer()" function, which could be exploited by attackers to execute arbitrary code by tricking a user into opening a specially crafted PDF file.

Note: This vulnerability is currently being exploited in the wild.

Affected Products

Adobe Reader version 9.2 and prior
Adobe Acrobat version 9.2 and prior

Solution

Upgrade to version 9.3 or 8.2.

References

http://www.vupen.com/english/advisories/2009/3518
http://www.adobe.com/support/security/advisories/apsa09-07.html
http://blogs.adobe.com/psirt/2009/12/new_adobe_reader_and_acrobat_v.html

In-depth Binary Analysis

Available in customer area as part of VUPEN Binary Analysis & Exploits Service and VUPEN Vulnerability Notification Service Ultimate Feed Edition.
 

Private Exploit or PoC

Available in customer area as part of VUPEN Binary Analysis & Exploits Service and VUPEN Vulnerability Notification Service Ultimate Feed Edition.
 

Credits

Vulnerability reported by the vendor.

Changelog

2009-12-15 : Initial release
2009-12-15 : Updated References
2010-01-12 : Updated Solution

Feedback

If you have additional information or corrections for this security advisory please submit them via our contact form.