High severity7.8CISA KEVNVD Advisory· Published Dec 15, 2009· Updated Apr 21, 2026

CVE-2009-4324

Description

Use-after-free vulnerability in the Doc.media.newPlayer method in Multimedia.api in Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code via a crafted PDF file using ZLib compressed streams, as exploited in the wild in December 2009.

Affected products

Adobe Inc./Acrobat
cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*
Range: >=8.0,<8.2
Adobe Inc./Acrobat Reader
cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*
Range: >=8.0,<8.2
SUSE S.A./Linux Enterprise Debuginfo
cpe:2.3:a:suse:linux_enterprise_debuginfo:11:-:*:*:*:*:*:*
OpenSUSE/openSUSE2 versions
cpe:2.3:o:opensuse:opensuse:11.1:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:opensuse:opensuse:11.1:*:*:*:*:*:*:*
- cpe:2.3:o:opensuse:opensuse:11.2:*:*:*:*:*:*:*
SUSE S.A./Linux Enterprise2 versions
cpe:2.3:o:suse:linux_enterprise:10.0:sp2:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:suse:linux_enterprise:10.0:sp2:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise:10.0:sp3:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

contagiodump.blogspot.com/2009/12/virustotal-httpwww.htmlnvdExploitThird Party Advisory
blogs.adobe.com/psirt/2009/12/new_adobe_reader_and_acrobat_v.htmlnvdBroken LinkVendor Advisory
lists.opensuse.org/opensuse-security-announce/2010-01/msg00009.htmlnvdMailing ListThird Party Advisory
secunia.com/advisories/37690nvdBroken LinkVendor Advisory
secunia.com/advisories/38138nvdBroken LinkVendor Advisory
secunia.com/advisories/38215nvdBroken LinkVendor Advisory
www.adobe.com/support/security/advisories/apsa09-07.htmlnvdVendor Advisory
www.kb.cert.org/vuls/id/508357nvdThird Party AdvisoryUS Government Resource
www.securityfocus.com/bid/37331nvdBroken LinkThird Party AdvisoryVDB Entry
www.us-cert.gov/cas/techalerts/TA10-013A.htmlnvdThird Party AdvisoryUS Government Resource
www.vupen.com/english/advisories/2009/3518nvdBroken LinkVendor Advisory
exchange.xforce.ibmcloud.com/vulnerabilities/54747nvdThird Party AdvisoryVDB Entry
osvdb.org/60980nvdBroken Link
www.adobe.com/support/security/bulletins/apsb10-02.htmlnvdNot Applicable
www.metasploit.com/redmine/projects/framework/repository/revisions/7881/entry/modules/exploits/windows/fileformat/adobe_media_newplayer.rbnvdBroken Link
www.redhat.com/support/errata/RHSA-2010-0060.htmlnvdBroken Link
www.shadowserver.org/wiki/pmwiki.php/Calendar/20091214nvdBroken Link
www.symantec.com/connect/blogs/zero-day-xmas-presentnvdBroken Link
www.vupen.com/english/advisories/2010/0103nvdBroken Link
bugzilla.redhat.com/show_bug.cginvdIssue Tracking
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6795nvdBroken Link
www.cisa.gov/known-exploited-vulnerabilities-catalognvdUS Government Resource

News mentions

No linked articles in our index yet.

cvss	0.507
epss	0.074
exploit	0.030
kev	0.120
patch	0.000
ransomware	0.000