Skip to main content

Adobe Reader/Acrobat Multiple Vulnerabilities

Last Update Date: 28 Jan 2011 Release Date: 5 Nov 2008 5332 Views

RISK: Medium Risk

Multiple vulnerabilities have been identified in in Adobe Reader/Acrobat, which can be exploited by malicious people to compromise a user's system.

1. A memory corruption error when passing an overly long argument to an AcroJS function, which could be exploited to crash an affected application or execute arbitrary code.

2. An error when processing Type 1 fonts, which could be exploited to crash an affected application or execute arbitrary code via a malicious document.

3. A stack overflow error in the getPlus Download Manager when processing malformed data, which could be exploited to execute arbitrary code via a malicious web page.

4. A stack overflow error when processing data passed to the Javascript "util.printf()" function, which could be exploited to crash an affected application or execute arbitrary code.

5. A memory corruption error when parsing certain PDF objects, which could be exploited to crash an affected application or execute arbitrary code.

6. A memory corruption error when creating a Collab object and performing a specific sequence of actions on it, which could be exploited to crash an affected application or execute arbitrary code via a malicious document.

7. An unspecified error in the Download Manager, which could lead to a user's Internet Security options being changed during the download process.

8. An unspecified input validation error in a JavaScript method, which could lead to remote code execution.

9. An unspecified Unix-only privilege escalation error.

10. An error when processing malformed PDF data, which could be exploited to cause a denial of service.