Adobe Acrobat and Reader security feature Bypass Vulnerability (CVE-2014-0546)

Adobe Acrobat and Reader security feature Bypass Vulnerability (CVE-2014-0546)

Release date:
Updated on:

Affected Systems:
Adobe Acrobat 11.x
Adobe Acrobat 10.x
Description:
--------------------------------------------------------------------------------
Bugtraq id: 69193
CVE (CAN) ID: CVE-2014-0546
 
Adobe Reader (also known as Acrobat Reader) is an excellent PDF document reading software developed by Adobe. Acrobat is a series of products launched in 1993 for enterprises, technicians and creative professionals, making smart document delivery and collaboration more flexible, reliable, and secure.
 
Adobe Reader, Acrobat 10.1.11, and earlier than 11.0.08 allow attackers to bypass the sandbox protection mechanism and then execute local code in the privileged context.
 
<* Source: Vitaly Kamluk
Costin Raiu

Link: http://helpx.adobe.com/security/products/reader/apsb14-19.html
*>

Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
 
Adobe
-----
Adobe has released a Security Bulletin (APSB14-19) and patches for this:
APSB14-19: Security Updates available for Adobe Reader and Acrobat
Link: http://helpx.adobe.com/security/products/reader/apsb14-19.html

This article permanently updates the link address: