You are here

U-079: Adobe Acrobat/Reader Multiple Bugs Let Remote Users Execute Arbitrary Code

January 11, 2012 - 8:00am

Addthis

PROBLEM:

Adobe Acrobat/Reader Multiple Bugs Let Remote Users Execute Arbitrary Code.

PLATFORM:

Adobe Acrobat/Reader Version(s): 9.x prior to 9.5, 10.x prior to 10.1.2

ABSTRACT:

A remote user can create a file that, when loaded by the target user, will execute arbitrary code on the target user's system.

reference  LINKS:

SecurityTracker Alert ID: 1026496
Adobe Security Bulletin APSB12-01
CVE-2011-2462, CVE-2011-4369,
CVE-2011-4370, CVE-2011-4371,
CVE-2011-4372, CVE-2011-4373.

IMPACT ASSESSMENT:

High

Discussion:

Several vulnerabilities were reported in Adobe Acrobat/Reader. A remote user can cause arbitrary code to be executed on the target user's system.

Impact:

The code will run with the privileges of the target user.Memory corruption flaws can trigger code execution. A heap corruption flaw can trigger code execution .

Solution:

The vendor has issued a fix (9.5, 10.1.2). Adobe Solution downloads .

Addthis