CVE-2009-4324
Adobe Acrobat and Reader Use-After-Free Vulnerability
Confirmed exploited in the wild. Added 2022-06-08.
Federal remediation due 2022-06-22.
Required action: Apply updates per vendor instructions.
Summary
Use-after-free vulnerability in the Doc.media.newPlayer method in Multimedia.api in Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code via a crafted PDF file using ZLib compressed streams, as exploited in the wild in December 2009.
CVSS 3.1 breakdown
| Metric | Value |
| --- | --- |
| Base score | 7.8 (HIGH) |
| Vector | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
| Attack vector | LOCAL |
| Attack complexity | LOW |
| Privileges required | NONE |
| User interaction | REQUIRED |
| Scope | UNCHANGED |
| Confidentiality | HIGH |
| Integrity | HIGH |
| Availability | HIGH |
Weakness type (CWE)
Affected products
References
- http://blogs.adobe.com/psirt/2009/12/new_adobe_reader_and_acrobat_v.html
- http://contagiodump.blogspot.com/2009/12/virustotal-httpwww.html
- http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00009.html
- http://osvdb.org/60980
- http://secunia.com/advisories/37690
- http://secunia.com/advisories/38138
- http://secunia.com/advisories/38215
- http://www.adobe.com/support/security/advisories/apsa09-07.html
- http://www.adobe.com/support/security/bulletins/apsb10-02.html
- http://www.kb.cert.org/vuls/id/508357
- http://www.metasploit.com/redmine/projects/framework/repository/revisions/7881/entry/modules/exploits/windows/fileformat/adobe_media_newplayer.rb
- http://www.redhat.com/support/errata/RHSA-2010-0060.html
- http://www.securityfocus.com/bid/37331
- http://www.shadowserver.org/wiki/pmwiki.php/Calendar/20091214
- http://www.symantec.com/connect/blogs/zero-day-xmas-present
Data: NIST NVD + CISA KEV. NVD last modified 2026-04-21. Always verify against the vendor advisory before acting.