Adobe Acrobat and Reader Multiple Vulnerabilities
RISK: High Risk
TYPE: Clients - Productivity Products
Multiple vulnerabilities have been identified in Adobe Acrobat and Reader, which could be exploited by malicious users to gain elevated privileges, or by remote attackers to gain knowledge of sensitive information or compromise a vulnerable system. These issues are caused by insecure permissions, input validation errors, memory corruptions, and buffer overflow errors when processing malformed contents within a PDF document, which could be exploited by local attackers to obtain elevated privileges, or by remote attackers to inject scripting code, or execute arbitrary commands by tricking a user into opening a malicious PDF document.
Impact
- Elevation of Privilege
- Remote Code Execution
- Information Disclosure
System / Technologies affected
- Adobe Acrobat X version 10.0
- Adobe Acrobat version 9.4.1 and prior
- Adobe Acrobat version 8.2.5 and prior
- Adobe Reader X version 10.0
- Adobe Reader version 9.4.1 and prior
- Adobe Reader version 8.2.5 and prior
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
- Upgrade to Adobe Acrobat and Reader version 10.0.1, 9.4.2 or 8.2.6.
Vulnerability Identifier
- CVE-2010-4091
- CVE-2011-0562
- CVE-2011-0563
- CVE-2011-0564
- CVE-2011-0565
- CVE-2011-0566
- CVE-2011-0567
- CVE-2011-0568
- CVE-2011-0570
- CVE-2011-0585
- CVE-2011-0586
- CVE-2011-0587
- CVE-2011-0588
- CVE-2011-0589
- CVE-2011-0590
- CVE-2011-0591
- CVE-2011-0592
- CVE-2011-0593
- CVE-2011-0594
- CVE-2011-0595
- CVE-2011-0596
- CVE-2011-0598
- CVE-2011-0599
- CVE-2011-0600
- CVE-2011-0602
- CVE-2011-0603
- CVE-2011-0604
- CVE-2011-0605
- CVE-2011-0606
Source
Related Link
Share with