Информационная безопасность
[RU] switch to English


Многочисленные уязвимости безопасности в Adobe Acrobat / Reader
дополнено с 21 января 2012 г.
Опубликовано:13 февраля 2012 г.
Источник:
SecurityVulns ID:12154
Тип:клиент
Уровень опасности:
8/10
Описание:Выполнение кода, многочисленные повреждения памяти.
Затронутые продукты:ADOBE : Reader 10.1
 ADOBE : Acrobat 10.1
CVE:CVE-2011-4373 (Adobe Reader and Acrobat before 9.5, and 10.x before 10.1.2, on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-4370 and CVE-2011-4372.)
 CVE-2011-4372 (Adobe Reader and Acrobat before 9.5, and 10.x before 10.1.2, on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-4370 and CVE-2011-4373.)
 CVE-2011-4371 (Adobe Reader and Acrobat before 9.5, and 10.x before 10.1.2, on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.)
 CVE-2011-4370 (Adobe Reader and Acrobat before 9.5, and 10.x before 10.1.2, on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-4372 and CVE-2011-4373.)
 CVE-2011-4369 (Unspecified vulnerability in the PRC component in Adobe Reader and Acrobat 9.x before 9.4.7 on Windows, Adobe Reader and Acrobat 9.x through 9.4.6 on Mac OS X, Adobe Reader and Acrobat 10.x through 10.1.1 on Windows and Mac OS X, and Adobe Reader 9.x through 9.4.6 on UNIX allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, as exploited in the wild in December 2011.)
 CVE-2011-2462 (Unspecified vulnerability in the U3D component in Adobe Reader and Acrobat 10.1.1 and earlier on Windows and Mac OS X, and Adobe Reader 9.x through 9.4.6 on UNIX, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, as exploited in the wild in December 2011.)
Оригинальный текстdocumentZDI, ZDI-12-021 : Adobe Reader BMP Resource Signedness Remote Code Execution Vulnerability (13.02.2012)
 documentVUPEN Security Research, VUPEN Security Research - Adobe Acrobat and Reader Image Processing Integer Overflow (APSB12-01) (21.01.2012)
 documentADOBE, Security updates available for Adobe Reader and Acrobat (21.01.2012)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород