Unrated severityNVD Advisory· Published Apr 30, 2009· Updated Jun 16, 2026
CVE-2009-1492
CVE-2009-1492
Description
The getAnnots Doc method in the JavaScript API in Adobe Reader and Acrobat 9.1, 8.1.4, 7.1.1, and earlier allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a PDF file that contains an annotation, and has an OpenAction entry with JavaScript code that calls this method with crafted integer arguments.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*range: >=7.0,<=7.1.1
- cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*range: >=7.0,<=7.1.1
- (no CPE)range: <=9.1
- Range: <=9.1
Patches
Vulnerability mechanics
References
27- packetstorm.linuxsecurity.com/0904-exploits/getannots.txtnvdExploitThird Party Advisory
- www.securityfocus.com/bid/34736nvdExploitThird Party AdvisoryVDB Entry
- blogs.adobe.com/psirt/2009/04/potential_adobe_reader_issue.htmlnvdVendor Advisory
- blogs.adobe.com/psirt/2009/04/update_on_adobe_reader_issue.htmlnvdVendor Advisory
- blogs.adobe.com/psirt/2009/05/adobe_reader_issue_update.htmlnvdVendor Advisory
- lists.opensuse.org/opensuse-security-announce/2009-05/msg00001.htmlnvdMailing ListThird Party Advisory
- lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.htmlnvdMailing ListThird Party Advisory
- secunia.com/advisories/34924nvdThird Party Advisory
- secunia.com/advisories/35055nvdThird Party Advisory
- secunia.com/advisories/35096nvdThird Party Advisory
- secunia.com/advisories/35152nvdThird Party Advisory
- secunia.com/advisories/35358nvdThird Party Advisory
- secunia.com/advisories/35416nvdThird Party Advisory
- secunia.com/advisories/35734nvdThird Party Advisory
- security.gentoo.org/glsa/glsa-200907-06.xmlnvdThird Party Advisory
- support.nortel.com/go/main.jspnvdThird Party Advisory
- www.adobe.com/support/security/bulletins/apsb09-06.htmlnvdVendor Advisory
- www.kb.cert.org/vuls/id/970180nvdThird Party AdvisoryUS Government Resource
- www.redhat.com/support/errata/RHSA-2009-0478.htmlnvdThird Party Advisory
- www.securitytracker.com/idnvdThird Party AdvisoryVDB Entry
- www.us-cert.gov/cas/techalerts/TA09-133B.htmlnvdThird Party AdvisoryUS Government Resource
- www.vupen.com/english/advisories/2009/1189nvdThird Party Advisory
- www.vupen.com/english/advisories/2009/1317nvdThird Party Advisory
- exchange.xforce.ibmcloud.com/vulnerabilities/50145nvdThird Party AdvisoryVDB Entry
- www.exploit-db.com/exploits/8569nvdThird Party AdvisoryVDB Entry
- osvdb.org/54130nvdBroken Link
- sunsolve.sun.com/search/document.donvdBroken Link
News mentions
0No linked articles in our index yet.