Skip to main content

Adobe Reader and Acrobat "authplay.dll" Code Execution Vulnerability

Last Update Date: 28 Jan 2011 Release Date: 7 Jun 2010 5512 Views

RISK: Medium Risk

A vulnerability has been identified in Adobe Reader and Acrobat, which could be exploited by remote attackers to compromise a vulnerable system. This issue is caused by a memory corruption error in the "authplay.dll" library when processing a PDF document including malformed Flash content, which could be exploited by attackers to execute arbitrary code by tricking a user into opening a specially crafted PDF file.

Note: This vulnerability is currently being exploited in the wild.


Impact

  • Remote Code Execution

System / Technologies affected

  • Adobe Reader version 9.3.2 and prior
  • Adobe Acrobat version 9.3.2 and prior

Solutions

There is no patch available for this vulnerability currently.

Workaround
Rename or delete the "authplay.dll" file located at C:\Program Files\Adobe\Reader 9.0\Reader\authplay.dll for Adobe Reader or C:\Program Files\Adobe\Acrobat 9.0\Acrobat\authplay.dll for Acrobat.


Vulnerability Identifier


Source


Related Link