CVE-2009-3955

CVE-2009-3955 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code via a crafted JPC_MS_RGN marker in the Jp2c stream of a JpxDecode encoded data stream, which triggers an integer sign extension that bypasses a sanity check, leading to memory corruption.

Learn more about our Web Application Penetration Testing UK.