Lucene search

K
thnThe Hacker NewsTHN:052C62A3AAC6AAF4ECBA83E5A8A68956
HistoryFeb 20, 2013 - 11:14 p.m.

Patch released for critical Adobe vulnerabilities

2013-02-2023:14:00
The Hacker News
thehackernews.com
7

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.949 High

EPSS

Percentile

99.3%

Today Adobe released a patch for two critical vulnerabilities (CVE-2013-0640 and CVE-2013-0641) that are already being exploited by attackers. Adobe released version 11.0.02 of its Adobe Reader and Adobe Acrobat Pro applications.

The Hacker NewsVulnerabilities affect Adobe Reader and Acrobat XI (11.0.01 and earlier), X (10.1.5 and earlier) and 9.5.3 and earlier for Windows and Mac OS X systems.

These updates address vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system.” security advisory reads.

Exploits were discovered by security company FireEye and researchers with antivirus provider Kaspersky Lab have confirmed the exploit can successfully escape the Adobe sandbox.

Users can update the software through the built-in updater or by downloading a copy of the Windows, Mac, or Linux installer directly from Adobe’s website.

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.949 High

EPSS

Percentile

99.3%