Skip to main content

Adobe Reader Bypass Sandbox Restrictions Vulnerabilities

Last Update Date: 31 Mar 2014 18:00 Release Date: 31 Mar 2014 4090 Views

RISK: High Risk

TYPE: Clients - Productivity Products

TYPE: Productivity Products

Two vulnerabilities have been identified in Adobe Reader, which can be exploited by remote user to cause arbitrary code to be executed on the target user's system.

  • A remote user can create a specially crafted PDF file that, when loaded by the target user, will trigger a heap overflow and execute arbitrary code on the target system. The code will run with the privileges of the target user.
  • A remote user can create a specially crafted PDF file that, when loaded by the target user, will bypass sandbox restrictions.

Impact

  • Remote Code Execution
  • Security Restriction Bypass

System / Technologies affected

  • Adobe Reader version 11.0.06

Solutions

  • Vulnerability has no patch available

Vulnerability Identifier


Source


Related Link