Skip to main content

Adobe Acrobat and Reader Multiple Code Execution Vulnerabilities

Last Update Date: 28 Jan 2011 Release Date: 30 Jun 2010 5687 Views

RISK: Medium Risk

Multiple vulnerabilities have been identified in Adobe Reader and Acrobat, which could be exploited by attackers to cause a denial of service or compromise a vulnerable system. These issues are caused by memory corruptions, invalid pointers, uninitialized memory, array-indexing and use-after-free errors when processing malformed data within a PDF document, which could be exploited by attackers to crash an affected application or execute arbitrary code by tricking a user into opening a specially crafted PDF document.


Impact

  • Denial of Service
  • Remote Code Execution

System / Technologies affected

  • Adobe Reader version 9.3.2 and prior
  • Adobe Reader version 8.2.2 and prior
  • Adobe Acrobat version 9.3.2 and prior
  • Adobe Acrobat version 8.2.2 and prior

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

Upgrade to Adobe Acrobat and Reader version 9.3.3 or 8.2.3 :
http://www.adobe.com/support/security/bulletins/apsb10-15.html


Vulnerability Identifier


Source


Related Link