Adobe Acrobat and Reader Multiple Vulnerabilities
RISK: Medium Risk
Multiple vulnerabilities have been identified in Adobe Reader and Acrobat, which could be exploited by remote attackers to cause a denial of service or compromise a vulnerable system, or by local attackers to gain elevated privileges. These issues are caused by memory corruptions, array-indexing, and input validation errors when processing malformed data, fonts or images within a PDF document, which could be exploited by remote attackers to crash an affected application or execute arbitrary code by tricking a user into opening a specially crafted PDF document, or exploited by malicious users to elevate privileges on Linux systems.
Impact
- Denial of Service
- Elevation of Privilege
- Remote Code Execution
System / Technologies affected
- Adobe Reader version 9.3.4 and prior
- Adobe Reader version 8.2.4 and prior
- Adobe Acrobat version 9.3.4 and prior
- Adobe Acrobat version 8.2.4 and prior
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
- Upgrade to Adobe Acrobat and Reader version 9.4 or 8.2.5 :
http://www.adobe.com/support/security/bulletins/apsb10-21.html
Vulnerability Identifier
- CVE-2010-2883
- CVE-2010-2884
- CVE-2010-2887
- CVE-2010-2888
- CVE-2010-2889
- CVE-2010-2890
- CVE-2010-3619
- CVE-2010-3620
- CVE-2010-3621
- CVE-2010-3622
- CVE-2010-3623
- CVE-2010-3624
- CVE-2010-3625
- CVE-2010-3626
- CVE-2010-3627
- CVE-2010-3628
- CVE-2010-3629
- CVE-2010-3630
- CVE-2010-3631
- CVE-2010-3632
- CVE-2010-3656
- CVE-2010-3657
- CVE-2010-3658
Source
Share with