Release date: May 1, 2009
Last Updated: May 12, 2009
Vulnerability identifier: APSA09-02
CVE number: CVE-2009-1492, CVE-2009-1493
Platform: All Platforms
A critical vulnerability has been identified in Adobe Reader 9.1 and Acrobat 9.1 and earlier versions. This vulnerability (CVE-2009-1492) would cause the application to crash and could potentially allow an attacker to take control of the affected system. A second vulnerability has also been reported that appears to affect Adobe Reader for UNIX only (CVE-2009-1493).
Adobe has released product updates to Adobe Reader and Acrobat to resolve the relevant security issues. For more information, please refer to Security Bulletin APSB09-06.
Users may monitor the latest information on the Adobe Product Security Incident Response Team blog at the following URL: http://blogs.adobe.com/psirt or by subscribing to the RSS feed here: http://blogs.adobe.com/psirt/atom.xml.
Adobe Reader 9.1 and earlier versions
Adobe Acrobat Standard, Pro, and Pro Extended 9.1 and earlier versions
Adobe categorizes this as a critical update and recommends that users apply the update for their product installations.
May 12, 2009 - Advisory updated
May 1, 2009 - Advisory first created