36 matches found
Adobe Reader X Sandbox Bypass Vulnerability
No description provided by source. Adobe Reader X Sandbox Bypass Vulnerability Sep 13, 2011 Summary: ======== Fortinet's FortiGuard Labs has discovered a sandbox bypass vulnerability in Adobe Reader X. Impact: ======= Local Privilege Escalation. Risk: ===== Critical Affected Software:...
VUPEN Security Research - Adobe Acrobat and Reader Picture Dimensions Heap Overflow Vulnerability
VUPEN Security Research - Adobe Acrobat and Reader Picture Dimensions Heap Overflow Vulnerability Website : http://www.vupen.com/english/research.php Twitter : http://twitter.com/vupen I. BACKGROUND --------------------- "Adobe Acrobat and Reader are the global standards for electronic document...
Adobe Reader X 10.0.0 10.0.1 - Atom Type Confusion
Adobe Reader X 10.0.0 10.0.1 - Atom Type Confusion Exploit Title: Adobe Reader X Atom Type Confusion Vulnerability Exploit Date: 7/3/2011 Author: Snake Shahriyar.j gmail Version: Adobe Reader X It work reliably on IE9/FF4 and other browsers. The Arashi : http://abysssec.com/files/TheArashi.pdf...
Adobe Reader X 10.0.0 < 10.0.1 - Atom Type Confusion
Exploit Title: Adobe Reader X Atom Type Confusion Vulnerability Exploit Date: 7/3/2011 Author: Snake Shahriyar.j gmail Version: Adobe Reader X It work reliably on IE9/FF4 and other browsers. The Arashi : http://abysssec.com/files/TheArashi.pdf http://www.exploit-db.com/docs/17469.pdf me :...
FreeBSD : linux-flashplugin -- remote code execution vulnerability (32b05547-6913-11e0-bdc4-001b2134ef46)
Adobe Product Security Incident Response Team reports : A critical vulnerability exists in Flash Player 10.2.153.1 and earlier versions Adobe Flash Player 10.2.154.25 and earlier for Chrome users for Windows, Macintosh, Linux and Solaris, Adobe Flash Player 10.2.156.12 and earlier versions for...
Adobe to Patch Flash Zero Day on Windows, Mac on Friday
Adobe is planning to patch the recently disclosed Flash Player vulnerability on Friday for users on Windows, Mac OS X and Linux. The vulnerability is being used in targeted attacks right now that use malicious Word documents. Adobe said on Wednesday night that it plans to push out the Flash Playe...
Adobe Reader Flash AVM2 Memory Corruption
Added: 03/30/2011 CVE: CVE-2011-0609 BID: 46860 OSVDB: 71254 Background Adobe Reader is free software for viewing PDF documents. Problem Adobe Reader 9.x is vulnerable to a remote code execution vulnerability as a result of parsing flash content by the bundled Adobe Flash Player. Resolution Updat...
Adobe Reader Flash AVM2 Memory Corruption
Added: 03/30/2011 CVE: CVE-2011-0609 BID: 46860 OSVDB: 71254 Background Adobe Reader is free software for viewing PDF documents. Problem Adobe Reader 9.x is vulnerable to a remote code execution vulnerability as a result of parsing flash content by the bundled Adobe Flash Player. Resolution Updat...
Adobe Warns of Attacks on Critical Flash Player Bug
Adobe is warning its users about a critical vulnerability in Flash that affects Adobe Reader and Acrobat, as well. The bug can be used by remote attackers to run arbitrary code and Adobe officials said that they’ve already seen some attacks that are targeting the vulnerability. The vulnerability ...
New Adobe Under Zero-Day Attack !
Adobe today released an advisory to warn about a remote code execution vulnerability in Flash Player, which also affects Adobe Reader and Acrobat. This critical vulnerability has been assigned CVE-2011-0609. Currently seen attacks work through a malicious SWF file which is embedded inside an Exce...
Critical Adobe Reader X Patches On Deck
Adobe will join Microsoft on the security patch treadmill next Tuesday February 8, 2011 with “critical” updates for code execution holes in its flagship Adobe Reader and Adobe Acrobat products. According to an advance notice from the software maker, these security holes affect Reader X 10.0 for...
Week in Security: Wikileaks Extravaganza, New Ransomware and Open-Source Attacks
It was difficult to go anywhere this week without hearing about the flurry of activity surrounding the Wikileaks data dump. A slew of denial-of-service attacks followed soon after, while new ransomware and attacks on open-source software filled out the rest of the week’s news. Read on for the wee...
Anup Ghosh on PDF Exploits and Sandboxes
Dennis Fisher talks with Anup Ghosh, founder and chief scientist of Invincea, about the rise of browser and PDF exploits, the company’s new virtualized PDF security product and whether the Reader X sandbox will make a difference in preventing widespread PDF attacks. Podcast audio courtesy of...
Assessing the Adobe Reader X Sandbox
Over the past few years, malicious PDFs have become common place and a prefered vector for attackers. Last week, Adobe announced the release of Reader X – the much anticipated next major release of their ubiquitous document reader, which includes a new security feature called ”Protected Mode”...
Adobe Releases Reader X With Sandbox
Adobe has released the much anticipated new version of its Reader software, Adobe Reader X, which includes the new sandboxing feature meant to prevent exploits against the software from affecting other applications on a PC. The new version of Reader, one of the more widely deployed applications...
Adobe Reader X With Protected Mode Due in November
Adobe will finally release the new version of its Reader software–which will include the much-anticipated Protected Mode security feature–next month. Adobe Reader X will include a number of other new features in addition to the sandbox feature. Adobe officials have been discussing Protected Mode...