You are here

T-622: Adobe Acrobat and Reader Unspecified Memory Corruption Vulnerability

May 13, 2011 - 3:25am

Addthis

PROBLEM:

Adobe Acrobat and Reader contain a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code on the targeted system.

PLATFORM:

Adobe Reader versions 9.4.1 and prior, versions 8.2.5 and prior, and version 10.0
Acrobat Standard and Professional versions 9.4.1 and prior and version 10.0
Acrobat Standard and Professional versions 8.2.5 and prior
Acrobat Professional Extended versions 9.4.1 and prior
Acrobat 3D versions 8.2.5 and prior
Adobe Flash Player versions 10.2.159.1 and prior for Windows, Macintosh, Linux, and Solaris

ABSTRACT:

The vulnerability is due to an unspecified error in the affected software when it processes .pdf files. An unauthenticated, remote attacker could exploit this vulnerability by convincing a user to view a malicious .pdf file. When viewed, the file could trigger a memory corruption error that could allow the attacker to execute arbitrary code on the system with the privileges of the user.

reference  LINKS:

IntelliShield ID: 22405
APSB11-03
APSB11-12
RHSA-2011:0301-1
IntelliShield ID:33681/0
DOE-CIRC Tech Bulletin: T-609

IMPACT ASSESSMENT:

High

PROBLEM:PLATFORM:ABSTRACT:reference  LINKS:IMPACT ASSESSMENT:iscussion:Discussion:

To exploit this vulnerability, an attacker would need to convince a user to view a malicious .pdf file. This action might require the use of social engineering techniques, such as sending the file via e-mail messages, instant messaging, or other forms of communication.
A successful exploit could result in remote code execution on the system, and a complete system compromise could be possible.

Impact:

An unauthenticated, remote attacker could exploit this vulnerability to execute arbitrary code on the system with the privileges of the user. If the user holds elevated privileges, the attacker could gain complete control over the system.

Solution:

Users are advised not to open e-mail messages from suspicious or unrecognized sources. If users cannot verify that links or attachments included in e-mail messages are safe, they are advised not to open them.
Users should verify that unsolicited links are safe to follow.
Administrators are advised to monitor critical systems.
Administrators are advised to apply the appropriate updates.

Adobe has released updates via software automatic update mechanisms or at the following links:

Adobe Reader for Windows
Adobe Reader for Mac
Adobe Reader for Unix
Adobe Acrobat Standard and Professional for Windows
Adobe Acrobat Professional for Mac
Adobe Acrobat Professional Extended for Windows
Adobe Acrobat 3D for Windows
Adobe Flash Player 10.3.181.14

 

Addthis