Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
Adobe Reader Multiple Vulnerabilities-01 Sep14 (Windows)
Information
Severity
Severity
Family
Family
CVSSv2 Base
CVSSv2 Base
CVSSv2 Vector
CVSSv2 Vector
Solution Type
Solution Type
Created
Created
Modified
Modified
Summary
The host is installed with Adobe Reader and is prone to multiple vulnerabilities.
Insight
Insight
Multiple Flaws are due to, - An use-after-free error can be exploited to execute arbitrary code. - An error within the implementation of the 'replace()' JavaScript function can be exploited to cause a heap-based buffer overflow via specially crafted arguments. - An error within the 3DIF Plugin (3difr.x3d) can be exploited to cause a heap-based buffer overflow via a specially crafted PDF file. - Some unspecified errors can be exploited to cause a memory corruption. - An unspecified error can be exploited to bypass certain sandbox restrictions.
Affected Software
Affected Software
Adobe Reader 10.x before 10.1.12 and 11.x before 11.0.09 on Windows.
Detection Method
Detection Method
Checks if a vulnerable version is present on the target host.
Solution
Solution
Upgrade to Adobe Reader version 10.1.12 or 11.0.09 or later.