Adobe Acrobat and Reader Multiple Code Execution Vulnerabilities
RISK: Medium Risk
Multiple vulnerabilities have been identified in Adobe Reader and Acrobat, which could be exploited by attackers to cause a denial of service or compromise a vulnerable system. These issues are caused by memory corruptions, invalid pointers, uninitialized memory, array-indexing and use-after-free errors when processing malformed data within a PDF document, which could be exploited by attackers to crash an affected application or execute arbitrary code by tricking a user into opening a specially crafted PDF document.
Impact
- Denial of Service
- Remote Code Execution
System / Technologies affected
- Adobe Reader version 9.3.2 and prior
- Adobe Reader version 8.2.2 and prior
- Adobe Acrobat version 9.3.2 and prior
- Adobe Acrobat version 8.2.2 and prior
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
Upgrade to Adobe Acrobat and Reader version 9.3.3 or 8.2.3 :
http://www.adobe.com/support/security/bulletins/apsb10-15.html
Vulnerability Identifier
- CVE-2010-1240
- CVE-2010-1285
- CVE-2010-1295
- CVE-2010-1297
- CVE-2010-2168
- CVE-2010-2201
- CVE-2010-2202
- CVE-2010-2203
- CVE-2010-2204
- CVE-2010-2205
- CVE-2010-2206
- CVE-2010-2207
- CVE-2010-2208
- CVE-2010-2209
- CVE-2010-2210
- CVE-2010-2211
- CVE-2010-2212
Source
Related Link
Share with