Gentoo Linux Security Advisory 200910-3 - Multiple vulnerabilities in Adobe Reader might result in the execution of arbitrary code, or other attacks. Multiple vulnerabilities were discovered in Adobe Reader. Versions less than 9.2 are affected.
cf303bc61426589808c198dba2d9c4e5dc717575857163c0c64d5200873a727aA remotely exploitable vulnerability has been found in Adobe Acrobat Reader/Acrobat Firefox plugin. Versions 8.1.3 through 8.1.6 are affected.
02dfa8f527d8d6db4d18a0236b10c85a02cc3272c626c753553d001851062481iDefense Security Advisory 10.13.09 - Remote exploitation of a use after free vulnerability in Adobe Systems Inc.'s Acrobat and Reader Firefox plugin could allow an attacker to execute arbitrary code with the privileges of the current user. When Adobe Acrobat/Reader is installed, it also installs various browser plugins that allow PDF documents to be viewed in the browser. This vulnerability occurs within the Firefox browser plugin. The Internet Explorer version is not affected. The vulnerability occurs when Firefox attempts to navigate away from a page and unload the PDF viewing plugin. When Firefox calls the plugin's destroy method, the plugin does not properly free its resources. Specifically, a function pointer for the window update routine is not properly freed. This results in uninitialized memory being used when the window is redrawn, which leads to attacker supplied data being executed when the function pointer is dereferenced. iDefense has confirmed the existence of this vulnerability in Acrobat and Reader versions 8.1.3, 8.1.4, 8.1.5, and 8.1.6. Previous versions are also likely affected. Version 9.1.3 and previous 9.x versions are not affected.
26d2526e5fa4a158dc90e307c84a2c19f9b708a1d9689add295e4f768fab5f65
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed