OSVDB ID: 71377 Title: Adobe Reader / Acrobat rt3d.dll Crafted File Length Handling Overflow |
Info |
|
|
Dates |
||||
|
|
Description |
Adobe Reader and Acrobat are prone to an overflow condition. The 3d.dll component fails to properly sanitize user-supplied input resulting in a stack-based buffer overflow. With a specially crafted length value in a file, a context-dependent attacker can potentially execute arbitrary code. |
Classification |
Location:
Local / Remote,
Context Dependent
Attack Type: Input Manipulation Impact: Loss of Integrity Solution: Upgrade Exploit: Exploit Private Disclosure: Vendor Verified, Coordinated Disclosure |
Solution |
Upgrade to version 8.2.6, 9.4.2, or 10.0.1 or higher, as they have been reported to fix this vulnerability. An upgrade is required as there are no known workarounds. |
Products |
|
References |
|
Credit |
Unknown or Incomplete |