SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (Generic)  >   Adobe Acrobat/Reader Vendors:   Adobe Systems Incorporated
Adobe Acrobat/Reader Multiple Bugs Let Remote Users Bypass Security, Deny Service, and Execute Arbitrary Code
SecurityTracker Alert ID:  1025658
SecurityTracker URL:  http://securitytracker.com/id/1025658
CVE Reference:   CVE-2011-2094, CVE-2011-2095, CVE-2011-2096, CVE-2011-2097, CVE-2011-2098, CVE-2011-2099, CVE-2011-2100, CVE-2011-2101, CVE-2011-2102, CVE-2011-2103, CVE-2011-2104, CVE-2011-2105, CVE-2011-2106, CVE-2011-2107   (Links to External Site)
Updated:  Jun 14 2011
Original Entry Date:  Jun 14 2011
Impact:   Denial of service via network, Execution of arbitrary code via network, User access via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 8.x - 8.2.6, 9.x - 9.4.4, 10.x - 10.0.3
Description:   Multiple vulnerabilities reported in Adobe Acrobat/Reader. A remote user can cause arbitrary code to be executed on the target user's system. A remote user can cause denial of service conditions. A remote user can bypass a security function.

A remote user can create a specially crafted file that, when loaded by the target user, will trigger a buffer overflow or memory corruption error and execute arbitrary code on the target system [CVE-2011-2094, CVE-2011-2095, CVE-2011-2096, CVE-2011-2097, CVE-2011-2098, CVE-2011-2099, CVE-2011-2103 (version 8.x only), CVE-2011-2105, CVE-2011-2106 (Mac OS X only)]. The code will run with the privileges of the target user.

A remote user can create a specially crafted DLL file on a remote share (e.g., WebDAV, SMB share). In certain cases, the application may load the remote user's DLL instead of the intended DLL and execute arbitrary code [CVE-2011-2100]. This type of exploit is also known as "binary planting" or "DLL preloading".

A remote user can create a specially crafted file that, when loaded by the target user, will cause scripting code to run in the context of a different domain and potentially execute arbitrary code [CVE-2011-2101].

A remote user can bypass security [CVE-2011-2102]. This vulnerability only affects Adobe Reader and Acrobat X.

A remote user can cause denial of service conditions [CVE-2011-2104].

The following product versions are affected:

Adobe Reader X (10.0.1) and earlier 10.x versions for Windows
Adobe Reader X (10.0.3) and earlier 10.x versions for Macintosh
Adobe Reader 9.4.4 and earlier 9.x versions for Windows and Macintosh
Adobe Reader 8.2.6 and earlier 8.x versions for Windows and Macintosh
Adobe Acrobat X (10.0.3) and earlier 10.x versions for Windows and Macintosh
Adobe Acrobat 9.4.4 and earlier 9.x versions for Windows and Macintosh
Adobe Acrobat 8.2.6 and earlier 8.x versions for Windows and Macintosh

An anonymous reporter (via TippingPoint's Zero Day Initiative), Tarjei Mandt of Norman, Secunia Research, Rodrigo Rubira Branco, Mila Parkour, Billy Rios from the Google Security Team, Christian Navarrete of CubilFelino Security Research Lab, Tavis Ormandy of the Google Security Team, Brett Gervasoni of Sense of Security, Will Dormann of CERT, and James Quirk of Los Alamos, New Mexico reported these vulnerabilities.

Impact:   A remote user can create a file that, when loaded by the target user, will execute arbitrary code on the target user's system.

A remote user can cause denial of service conditions.

A remote user can bypass a security function.

Solution:   The vendor has issued a fix (8.3, 9.4.5, 10.1).

This fix includes the Flash player vulnerabilities affecting Adobe Reader/Acrobat that are described in Security Bulletin APSB11-12 and Security Bulletin APSB11-13.

The vendor's advisory is available at:

http://www.adobe.com/support/security/bulletins/apsb11-16.html

Vendor URL:  www.adobe.com/support/security/bulletins/apsb11-16.html (Links to External Site)
Cause:   Access control error, Not specified
Underlying OS:  Linux (Any), UNIX (macOS/OS X), UNIX (Solaris - SunOS), Windows (Any)

Message History:   None.


 Source Message Contents



[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2019, SecurityGlobal.net LLC