Adobe Acrobat is prone to a denial-of-service vulnerability because the application fails to perform adequate boundary-checks on user-supplied data.
Attackers can exploit this issue to cause the affected application to crash, effectively denying service. Arbitrary code execution may be possible, but has not been confirmed.
Adobe Acrobat 9.1.1 is vulnerable; other versions may also be affected.
NOTE: This BID was previously classified as a buffer-overflow. Further analysis reveals that it is a stack exhaustion, and code execution is unlikely.
Published: May 29 2009 12:00AM
Updated: May 29 2009 10:59PM