GLSA
Veteran
Joined: 12 May 2004
Posts: 1303
|
 Posted: Sun Oct 25, 2009 7:26 pm Post subject: [ GLSA 200910-03 ] Adobe Reader: Multiple vulnerabilities |
 |
|
Gentoo Linux Security Advisory
Title: Adobe Reader: Multiple vulnerabilities (GLSA 200910-03)
Severity: normal
Exploitable: remote
Date: October 25, 2009
Bug(s): #289016
ID: 200910-03
Synopsis
Multiple vulnerabilities in Adobe Reader might result in the execution of
arbitrary code, or other attacks.
Background
Adobe Reader (formerly Adobe Acrobat Reader) is a closed-source PDF
reader.
Affected Packages
Package: app-text/acroread
Vulnerable: < 9.2
Unaffected: >= 9.2
Architectures: All supported architectures
Description
Multiple vulnerabilities were discovered in Adobe Reader. For further
information please consult the CVE entries and the Adobe Security
Bulletin referenced below.
Impact
A remote attacker might entice a user to open a specially crafted PDF
file, possibly resulting in the execution of arbitrary code with the
privileges of the user running the application, Denial of Service, the
creation of arbitrary files on the victim's system, "Trust Manager"
bypass, or social engineering attacks.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Reader users should upgrade to the latest version:
| Code: | # emerge --sync
# emerge --ask --oneshot --verbose ">=app-text/acroread-9.2" |
References
APSB09-15
CVE-2007-0045
CVE-2007-0048
CVE-2009-2979
CVE-2009-2980
CVE-2009-2981
CVE-2009-2982
CVE-2009-2983
CVE-2009-2985
CVE-2009-2986
CVE-2009-2988
CVE-2009-2990
CVE-2009-2991
CVE-2009-2993
CVE-2009-2994
CVE-2009-2996
CVE-2009-2997
CVE-2009-2998
CVE-2009-3431
CVE-2009-3458
CVE-2009-3459
CVE-2009-3462
Last edited by GLSA on Wed Jan 12, 2011 4:28 am; edited 3 times in total |
|
News & Announcements
