Skip to main content

Adobe Acrobat and Reader Multiple Vulnerabilities

Last Update Date: 11 Feb 2011 Release Date: 10 Feb 2011 6424 Views

RISK: High Risk

TYPE: Clients - Productivity Products

TYPE: Productivity Products

Multiple vulnerabilities have been identified in Adobe Acrobat and Reader, which could be exploited by malicious users to gain elevated privileges, or by remote attackers to gain knowledge of sensitive information or compromise a vulnerable system. These issues are caused by insecure permissions, input validation errors, memory corruptions, and buffer overflow errors when processing malformed contents within a PDF document, which could be exploited by local attackers to obtain elevated privileges, or by remote attackers to inject scripting code, or execute arbitrary commands by tricking a user into opening a malicious PDF document.


Impact

  • Elevation of Privilege
  • Remote Code Execution
  • Information Disclosure

System / Technologies affected

  • Adobe Acrobat X version 10.0
  • Adobe Acrobat version 9.4.1 and prior
  • Adobe Acrobat version 8.2.5 and prior
  • Adobe Reader X version 10.0
  • Adobe Reader version 9.4.1 and prior
  • Adobe Reader version 8.2.5 and prior

 


Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

  • Upgrade to Adobe Acrobat and Reader version 10.0.1, 9.4.2 or 8.2.6.

 


Vulnerability Identifier

 


Source

 


Related Link