Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
gentooGentoo FoundationGLSA-201201-19
HistoryJan 30, 2012 - 12:00 a.m.

Adobe Reader: Multiple vulnerabilities

2012-01-3000:00:00
Gentoo Foundation
security.gentoo.org
18

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.97 High

EPSS

Percentile

99.8%

JSON

Background

Adobe Reader is a closed-source PDF reader.

Description

Multiple vulnerabilities have been discovered in Adobe Reader. Please review the CVE identifiers referenced below for details.

Impact

A remote attacker could entice a user to open a specially crafted PDF file using Adobe Reader, possibly resulting in the remote execution of arbitrary code, a Denial of Service, or other impact.

Workaround

There is no known workaround at this time.

Resolution

All Adobe Reader users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=app-text/acroread-9.4.7"
OSVersionArchitecturePackageVersionFilename
Gentooanyallapp-text/acroread< 9.4.7UNKNOWN

Related

openvas 28
nessus 39
redhat 4
securityvulns 7
suse 9
freebsd 2
prion 40
cve 41
checkpoint_advisories 7
ubuntucve 16
threatpost 1
seebug 3
gentoo 1
zdi 1
openvas
openvas
Gentoo Security Advisory GLSA 201201-19 (acroread)
2012-02-12 00:00:00
Gentoo Security Advisory GLSA 201201-19 (acroread)
2012-02-12 00:00:00
Adobe Reader and Acrobat Multiple Vulnerabilities (Feb 2011) - Windows
2011-02-15 00:00:00
nessus
nessus
GLSA-201201-19 : Adobe Reader: Multiple vulnerabilities
2012-01-31 00:00:00
Adobe Acrobat < 10.1.1 / 9.4.6 / 8.3.1 Multiple Vulnerabilities (APSB11-21, APSB11-24)
2011-09-14 00:00:00
RHEL 4 / 5 / 6 : acroread (RHSA-2011:0301)
2011-02-24 00:00:00
redhat
redhat
(RHSA-2011:0301) Critical: acroread security update
2011-02-23 00:00:00
(RHSA-2011:1144) Critical: flash-plugin security update
2011-08-10 00:00:00
(RHSA-2011:1434) Critical: acroread security update
2011-11-08 00:00:00
securityvulns
securityvulns
Adobe Reader / Acrobat multiple security vulnerabilities
2011-02-14 00:00:00
Security updates available for Adobe Reader and Acrobat
2011-02-11 00:00:00
Adobe Flash Player multiple security vulnerabilities
2011-08-27 00:00:00
suse
suse
remote code execution in flash-player
2011-08-11 15:39:03
flash-player (critical)
2011-08-12 05:08:25
Security update for flash-player (critical)
2011-08-12 04:08:20
freebsd
freebsd
linux-flashplugin -- multiple vulnerabilities
2011-05-13 00:00:00
acroread9 -- Multiple Vulnerabilities
2011-12-07 00:00:00
prion
prion
Buffer overflow
2011-02-10 18:00:00
Buffer overflow
2011-02-10 18:00:00
Design/Logic Flaw
2011-02-10 18:00:00
cve
cve
CVE-2011-0591
2011-02-10 18:00:00
CVE-2011-0600
2011-02-10 18:00:00
CVE-2011-0590
2011-02-10 18:00:00
checkpoint_advisories
checkpoint_advisories
Adobe Acrobat Reader U3D Texture External File Buffer Overflow (APSB11-03; CVE-2011-0590; CVE-2011-0591; CVE-2011-0592; CVE-2011-0593; CVE-2011-0596; CVE-2011-0599)
2013-11-26 00:00:00
Preemptive Protection against Adobe PDF File LoadImageA RMA JavaScript Multiple Code Execution Vulnerabilities (APSB11-24; CVE-2011-2439)
2011-10-04 00:00:00
Adobe Reader and Acrobat PICT Image Heap Buffer Overflow (APSB11-24; CVE-2011-2433; CVE-2011-2434)
2011-09-20 00:00:00
ubuntucve
ubuntucve
CVE-2011-2414
2011-08-10 00:00:00
CVE-2011-2415
2011-08-10 00:00:00
CVE-2011-2134
2011-08-10 00:00:00
threatpost
threatpost
Adobe Plans Critical Security Updates for Reader, Acrobat Next Week
2012-01-06 19:26:09
seebug
seebug
Adobe Flash Player Integer Overflow
2011-08-12 00:00:00
Adobe Acrobat和Reader内存泄露远程代码执行漏洞(CVE-2011-2439)
2011-11-16 00:00:00
Adobe Reader U3D PICT 0Eh远程代码执行漏洞(CVE-2011-2433)
2011-10-27 00:00:00
gentoo
gentoo
Adobe Flash Player: Multiple vulnerabilities
2011-10-13 00:00:00
zdi
zdi
Adobe Reader Compound Glyphs Array Indexing Error Remote Code Execution Vulnerability
2011-10-13 00:00:00

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.97 High

EPSS

Percentile

99.8%

JSON
Related for GLSA-201201-19
openvas28nessus39redhat4securityvulns7suse9freebsd2prion40cve41checkpoint_advisories7ubuntucve16threatpost1seebug3gentoo1zdi1