HomePentest-Tools.com Logo

Adobe Reader/Acrobat Multiple Memory Corruption Vulnerabilities (apsb12-01) - Mac OS X CVE-2011-4370CVE-2011-4371CVE-2011-4372CVE-2011-4373

Severity
CVSSv3 Score
9.8
Vulnerability description

Adobe products are prone to multiple memory corruption vulnerabilities.

Risk description

The flaws are due to - An unspecified error can be exploited to corrupt memory. - A signedness error in rt3d.dll when parsing certain BMP image content can be exploited to cause a heap-based buffer overflow via a specially crafted BMP image embedded in a PDF document. Successful exploitation will allow attackers to execute arbitrary code in the context of the affected application or cause a denial of service.

Recommendation

Upgrade to Adobe Reader version 9.5 or 10.1.2 or later Upgrade to Adobe Acrobat version 9.5 or 10.1.2 or later

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Jan 10, 2012
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available