CVE-2011-4373

Related Files

Gentoo Linux Security Advisory 201206-14

Posted Jun 22, 2012

Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201206-14 - Multiple vulnerabilities in Adobe Reader might allow remote attackers to execute arbitrary code or conduct various other attacks. Versions less than 9.5.1 are affected.

tags | advisory, remote, arbitrary, vulnerability

systems | linux, gentoo

advisories | CVE-2011-4370, CVE-2011-4371, CVE-2011-4372, CVE-2011-4373, CVE-2012-0774, CVE-2012-0775, CVE-2012-0776, CVE-2012-0777

SHA-256 | 59faf1ae8b9f400e9098e2c922873ec9097d3782e6a02c5ac0d7feba5e2fa005

Download | Favorite | View

Zero Day Initiative Advisory 12-021

Posted Feb 8, 2012

Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-021 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader X. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within 2d.x3d, which is Adobe Reader's code responsible for processing BMP files. When passing a negative size parameter in the 'colors' field, a series of signed comparisons will be averted, and the overly large size parameter is passed to a memcpy(). This will cause a heap-based buffer overflow, allowing an attacker to execute code under the context of the user.

tags | advisory, remote, overflow, arbitrary

advisories | CVE-2011-4373

SHA-256 | 24f0d26f31e6c8fcf24c50cab38a6f9c749dcbe2a5ff797f47cc95f3469fc940

Download | Favorite | View