Adobe Reader and Acrobat Memory Corruption Vulnerability (CVE-2014-0563)

Adobe Reader and Acrobat Memory Corruption Vulnerability (CVE-2014-0563)

Release date:
Updated on:

Affected Systems:
Adobe Reader 11.x
Adobe Reader 10.x
Description:
Bugtraq id: 69826
CVE (CAN) ID: CVE-2014-0563

Adobe Reader (also known as Acrobat Reader) is an excellent PDF document reading software developed by Adobe. Acrobat is a series of products launched in 1993 for enterprises, technicians and creative professionals, making smart document delivery and collaboration more flexible, reliable, and secure.

Adobe Reader versions earlier than 11.0.09, Adobe Reader versions earlier than 10.1.12, Adobe Acrobat versions earlier than 11.0.09, and Adobe Acrobat versions earlier than 10.1.12 have a denial-of-service vulnerability in implementation. Successful exploitation can cause memory corruption.

<* Source: Wu Hongjun
Wei Lei

Link: http://helpx.adobe.com/security/products/reader/apsb14-20.html
*>

Suggestion:
Vendor patch:

Adobe
-----
Adobe has released a Security Bulletin (apsb14-20) and patches for this:
Apsb14-20: Security Updates available for Adobe Reader and Acrobat
Link: http://helpx.adobe.com/security/products/reader/apsb14-20.html

Patch download:
Http://www.adobe.com/support/downloads/product.jsp? Product = 10 & platform = Windows
Http://www.adobe.com/support/downloads/product.jsp? Product = 10 & platform = Macintosh
Http://www.adobe.com/support/downloads/product.jsp? Product = 1 & platform = Windows
Http://www.adobe.com/support/downloads/product.jsp? Product = 1 & platform = Macintosh

This article permanently updates the link address: