Adobe Acrobat and Reader Remote Security Restriction Bypass Vulnerability
Release date:
Updated on: 2011-11-16
Affected Systems:
Adobe Acrobat 9.x
Adobe Acrobat 8.x
Adobe Acrobat 10.x
Adobe Reader 9.x
Adobe Reader 8.x
Unaffected system:
Adobe Acrobat 9.4.6
Adobe Acrobat 8.3.1
Adobe Acrobat 10.1.1
Adobe Reader 9.4.6
Adobe Reader 8.3.1
Adobe Reader 10.1.1
Description:
--------------------------------------------------------------------------------
Bugtraq id: 49582
Cve id: CVE-2011-2431
Adobe Reader (also known as Acrobat Reader) is an excellent PDF document reading software developed by Adobe. Acrobat is a series of products launched in 1993 for enterprises, technicians and creative professionals, making smart document delivery and collaboration more flexible, reliable, and secure.
Adobe Acrobat and Reader have a remote Security Restriction Bypass Vulnerability. Remote attackers can exploit this vulnerability to execute arbitrary code.
<* Source: Vladimir Vorontsov
Link: http://www.adobe.com/support/security/bulletins/apsb11-24.html
*>
Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
Adobe
-----
Adobe has released a Security Bulletin (apsb11-24) and patches for this:
Apsb11-24: Security updates available for Adobe Reader and Acrobat
Link: http://www.adobe.com/support/security/bulletins/apsb11-24.html