Lucene search
AnonymousZDI-11-075HistoryFeb 08, 2011 - 12:00 a.m.
Adobe Acrobat Reader rt3d.dll Multimedia Playing Arbitrary Memory Overwite Remote Code Execution Vulnerability
2011-02-0800:00:00
Anonymous
www.zerodayinitiative.com
11
0.335 Low
EPSS
Percentile
97.1%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the rt3d.dll component explicitly trusting a length embedded within a particular file in order to calculate the length of a buffer. The application will then duplicate an arbitrarily sized string into a statically sized buffer located on the stack. This can lead to code execution under the context of the application.
Related
checkpoint_advisories
checkpoint_advisories
Adobe Reader and Acrobat rt3d.dll Buffer Overflow (APSB11-03; CVE-2011-0606)
2013-02-06 00:00:00
securityvulns
securityvulns
prion
prion
Stack overflow
2011-02-10 18:00:00
Memory corruption
2011-02-10 18:00:00
Memory corruption
2011-02-10 18:00:00
nvd
nvd
cvelist
cvelist
cve
cve
redhat
redhat
(RHSA-2011:0301) Critical: acroread security update
2011-02-23 00:00:00
nessus
nessus
RHEL 4 / 5 / 6 : acroread (RHSA-2011:0301)
2011-02-24 00:00:00
SuSE 11.1 Security Update : acroread (SAT Patch Number 4057)
2011-03-07 00:00:00
openSUSE Security Update : acroread (openSUSE-SU-2011:0156-1)
2011-05-05 00:00:00
openvas
openvas
Adobe Reader and Acrobat Multiple Vulnerabilities (Feb 2011) - Windows
2011-02-15 00:00:00
Adobe Reader Multiple Vulnerabilities (Feb 2011) - Linux
2011-02-15 00:00:00
SUSE: Security Advisory for acroread (SUSE-SA:2011:011)
2011-03-15 00:00:00
suse
suse
remote code execution in acroread
2011-03-07 16:51:18
gentoo
gentoo
Adobe Reader: Multiple vulnerabilities
2012-01-30 00:00:00