Adobe Acrobat Multiple Vulnerabilities April-2012 (Mac OS X) Network Vulnerability

Summary

This host is installed with Adobe Acrobat and is prone to multiple vulnerabilities.

Impact

Successful exploitation will let attackers to bypass certain security restrictions, execute arbitrary code via unspecified vectors or cause a denial of service. Impact Level: System/Application

Solution

Upgrade to Adobe Acrobat version 9.5.1 or 10.1.3 on later, For updates refer to http://www.adobe.com

Insight

The flaws are due to - An unspecified error when handling JavaScript/JavaScript API can be exploited to corrupt memory. - An integer overflow error when handling True Type Font (TTF) can be exploited to corrupt memory. - The application loads executables (msiexec.exe) in an insecure manner.

Affected

Adobe Acrobat version 9.x to 9.5 and prior and 10.x to 10.1.2 on Mac OS X

References

http://secunia.com/advisories/48733
http://www.adobe.com/support/security/bulletins/apsb12-08.html
http://www.securitytracker.com/id/1026908

Updated on 2015-03-25

Severity

Classification

CVE CVE-2012-0774, CVE-2012-0775, CVE-2012-0776, CVE-2012-0777
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Adobe Air Multiple Vulnerabilities - December12 (Windows)
Adobe Acrobat Out-of-bounds Vulnerability Feb15 (Mac OS X)
Adobe Acrobat Multiple Vulnerabilities -01 Jan 13 (Mac OS X)
Adobe Acrobat Remote Code Execution Vulnerability(Win)
Adobe Air Multiple Vulnerabilities -01 May 13 (Windows)

Take action and discover your vulnerabilities