Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
gentooGentoo FoundationGLSA-200910-03
HistoryOct 25, 2009 - 12:00 a.m.

Adobe Reader: Multiple vulnerabilities

2009-10-2500:00:00
Gentoo Foundation
security.gentoo.org
13

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.972 High

EPSS

Percentile

99.8%

JSON

Background

Adobe Reader (formerly Adobe Acrobat Reader) is a closed-source PDF reader.

Description

Multiple vulnerabilities were discovered in Adobe Reader. For further information please consult the CVE entries and the Adobe Security Bulletin referenced below.

Impact

A remote attacker might entice a user to open a specially crafted PDF file, possibly resulting in the execution of arbitrary code with the privileges of the user running the application, Denial of Service, the creation of arbitrary files on the victim’s system, β€œTrust Manager” bypass, or social engineering attacks.

Workaround

There is no known workaround at this time.

Resolution

All Adobe Reader users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=app-text/acroread-9.2"
OSVersionArchitecturePackageVersionFilename
Gentooanyallapp-text/acroread<Β 9.2UNKNOWN

Related

openvas 20
seebug 4
nessus 30
redhat 3
suse 2
securityvulns 10
ubuntucve 21
cve 23
prion 23
checkpoint_advisories 16
chrome 1
packetstorm 6
exploitpack 1
saint 12
cert 2
kaspersky 1
gentoo 1
zdi 1
exploitdb 1
canvas 1
attackerkb 1
mozilla 1
debian 1
openvas
openvas
Gentoo Security Advisory GLSA 200910-03 (acroread)
2009-10-27 00:00:00
Gentoo Security Advisory GLSA 200910-03 (acroread)
2009-10-27 00:00:00
RedHat Security Advisory RHSA-2009:1499
2009-10-19 00:00:00
seebug
seebug
Adobe Reader: Multiple vulnerabilities
2009-10-27 00:00:00
Adobe Acrobat Reader 7-9 U3D BoF
2009-10-27 00:00:00
Adobe Acrobat Reader 7-9 - U3D BoF
2014-07-01 00:00:00
nessus
nessus
GLSA-200910-03 : Adobe Reader: Multiple vulnerabilities
2009-10-26 00:00:00
RHEL 3 / 4 / 5 : acroread (RHSA-2009:1499)
2009-10-15 00:00:00
openSUSE Security Update : acroread (acroread-1426)
2009-10-26 00:00:00
redhat
redhat
(RHSA-2009:1499) Critical: acroread security update
2009-10-14 00:00:00
(RHSA-2007:0017) Critical: Adobe Acrobat Reader security update
2007-01-11 00:00:00
(RHSA-2007:0021) Critical: Adobe Acrobat Reader security update
2007-01-22 00:00:00
suse
suse
remote code execution in acroread, acroread_ja
2009-10-26 13:17:31
remote code execution in acroread
2007-01-22 18:37:17
securityvulns
securityvulns
Adobe Acrobat / Reader multiple security vulnerabilities
2009-10-19 00:00:00
VUPEN Security - Adobe Acrobat and Reader U3D Filter Code Execution Vulnerabilities
2009-10-17 00:00:00
n.runs-SA-2009.007 - Adobe Acrobat - Invalid pointer write could lead to arbitrary code execution
2009-10-17 00:00:00
ubuntucve
ubuntucve
CVE-2009-2998
2009-10-19 00:00:00
CVE-2009-3458
2009-10-19 00:00:00
CVE-2009-2996
2009-10-19 00:00:00
cve
cve
CVE-2009-3458
2009-10-19 22:30:00
CVE-2009-2985
2009-10-19 22:30:00
CVE-2009-2998
2009-10-19 22:30:00
prion
prion
Input validation
2009-10-19 22:30:00
Input validation
2009-10-19 22:30:00
Memory corruption
2009-10-19 22:30:00
checkpoint_advisories
checkpoint_advisories
Adobe Reader Plugin Malformed URL Cross-Site Scripting (APSB07-01; CVE-2007-0045; CVE-2007-0048)
2010-01-12 00:00:00
Adobe Reader PDF Document Metadata XML Bomb (APSB09-15; CVE-2009-2979)
2009-10-14 00:00:00
Adobe Reader JPEG2000 Quantization Component Memory Corruption (APSB09-15; CVE-2009-2994)
2009-10-14 00:00:00
chrome
chrome
Stable, Beta update: Yahoo! Mail and Security Fixes
2009-01-28 00:00:00
packetstorm
packetstorm
Adobe U3D CLODProgressiveMeshDeclaration Array Overrun
2009-12-31 00:00:00
Adobe Acrobat Reader Array Overrun
2009-10-27 00:00:00
Adobe U3D CLODProgressiveMeshDeclaration Array Overrun
2009-12-31 00:00:00
exploitpack
exploitpack
Adobe Acrobat Reader 7 9 - U3D Buffer Overflow
2009-10-27 00:00:00
saint
saint
Adobe Acrobat Reader U3D CLODMeshContinuation Code Execution
2009-11-20 00:00:00
Adobe Acrobat Reader U3D CLODMeshContinuation Code Execution
2009-11-20 00:00:00
Adobe Acrobat Reader U3D CLODMeshContinuation Code Execution
2009-11-20 00:00:00
cert
cert
Adobe Acrobat and Reader contain vulnerabilities in multiple Document Object JavaScript methods
2009-10-13 00:00:00
Adobe Acrobat Plug-In cross domain violation
2007-01-03 00:00:00
kaspersky
kaspersky
KLA10032 Multiple vulnerabilities in Adobe Acrobat & Reader
2007-01-09 00:00:00
gentoo
gentoo
Adobe Acrobat Reader: Multiple vulnerabilities
2007-01-22 00:00:00
zdi
zdi
Adobe Reader Compact Font Format Malformed Index Memory Corruption Vulnerability
2009-10-13 00:00:00
exploitdb
exploitdb
Adobe Acrobat Reader 7 &lt; 9 - U3D Buffer Overflow
2009-10-27 00:00:00
canvas
canvas
Immunity Canvas: ACROBAT_U3D_MESH
2010-01-13 19:30:00
attackerkb
attackerkb
CVE-2009-3953
2010-01-13 00:00:00
mozilla
mozilla
Improvements to help protect against Cross-Site Scripting attacks β€” Mozilla
2007-02-23 00:00:00
debian
debian
[SECURITY] [DSA 1336-1] New mozilla-firefox packages fix several vulnerabilities
2007-07-22 17:43:28

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.972 High

EPSS

Percentile

99.8%

JSON
Related for GLSA-200910-03
openvas20seebug4nessus30redhat3suse2securityvulns10ubuntucve21cve23prion23checkpoint_advisories16chrome1packetstorm6exploitpack1saint12cert2kaspersky1gentoo1zdi1exploitdb1canvas1attackerkb1mozilla1debian1