Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
[ GLSA 201009-05 ] Adobe Reader: Multiple vulnerabilities
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index News & Announcements
View previous topic :: View next topic  
Author Message
GLSA
Veteran
Veteran


Joined: 12 May 2004
Posts: 1540

PostPosted: Tue Sep 07, 2010 8:26 pm    Post subject: [ GLSA 201009-05 ] Adobe Reader: Multiple vulnerabilities Reply with quote

Gentoo Linux Security Advisory

Title: Adobe Reader: Multiple vulnerabilities (GLSA 201009-05)
Severity: normal
Exploitable: remote
Date: September 07, 2010
Bug(s): #297385, #306429, #313343, #322857
ID: 201009-05

Synopsis


Multiple vulnerabilities in Adobe Reader might result in the execution of
arbitrary code or other attacks.


Background


Adobe Reader (formerly Adobe Acrobat Reader) is a closed-source PDF
reader.


Affected Packages

Package: app-text/acroread
Vulnerable: < 9.3.4
Unaffected: >= 9.3.4
Architectures: All supported architectures


Description


Multiple vulnerabilities were discovered in Adobe Reader. For further
information please consult the CVE entries and the Adobe Security
Bulletins referenced below.


Impact


A remote attacker might entice a user to open a specially crafted PDF
file, possibly resulting in the execution of arbitrary code with the
privileges of the user running the application, or bypass intended
sandbox restrictions, make cross-domain requests, inject arbitrary web
script or HTML, or cause a Denial of Service condition.


Workaround


There is no known workaround at this time.


Resolution


All Adobe Reader users should upgrade to the latest version:
Code:
# emerge --sync
    # emerge --ask --oneshot --verbose ">=app-text/acroread-9.3.4"


References

APSA10-01
APSB10-02
APSB10-07
APSB10-09
APSB10-14
APSB10-16
CVE-2009-3953
CVE-2009-4324
CVE-2010-0186
CVE-2010-0188
CVE-2010-0190
CVE-2010-0191
CVE-2010-0192
CVE-2010-0193
CVE-2010-0194
CVE-2010-0195
CVE-2010-0196
CVE-2010-0197
CVE-2010-0198
CVE-2010-0199
CVE-2010-0201
CVE-2010-0202
CVE-2010-0203
CVE-2010-0204
CVE-2010-1241
CVE-2010-1285
CVE-2010-1295
CVE-2010-1297
CVE-2010-2168
CVE-2010-2201
CVE-2010-2202
CVE-2010-2203
CVE-2010-2204
CVE-2010-2205
CVE-2010-2206
CVE-2010-2207
CVE-2010-2208
CVE-2010-2209
CVE-2010-2210
CVE-2010-2211
CVE-2010-2212


Last edited by GLSA on Sat Mar 22, 2014 4:30 am; edited 2 times in total
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index News & Announcements All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum