Lucene search

K
suseSuseSUSE-SA:2010:008
HistoryJan 26, 2010 - 4:40 p.m.

remote code execution in acroread

2010-01-2616:40:23
lists.opensuse.org
20

0.971 High

EPSS

Percentile

99.8%

Specially crafted PDF files could crash acroread. Attackers could potentially exploit that to execute arbitrary code (CVE-2009-3953, CVE-2009-3954, CVE-2009-3955, CVE-2009-3956, CVE-2009-3957, CVE-2009-3958, CVE-2009-3959, CVE-2009-4324). Acrobat reader was updated to version 9.3 to fix the security issues. Note: Due to integration issues with the major version update of acroread on SLE10 updates for SLE10 are not ready yet. Fixed packages will be submitted ASAP.

Solution

There is no known workaround, please install the update packages.