OSVDB ID: 75430

Title: Adobe Reader / Acrobat Unspecified Security Bypass Remote Code Execution

Info

Disclosure

Sep 13, 2011

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Sep 13, 2011

Description

Adobe Reader and Acrobat contains a flaw when an unspecified error occurs. This may allow an attacker to bypass certain security features and execute arbitrary code. No further details have been provided.

Classification

Location: Local / Remote, Context Dependent
Attack Type: Input Manipulation
Impact: Loss of Integrity
Solution: Upgrade
Exploit: Exploit Private
Disclosure: Vendor Verified, Coordinated Disclosure

Solution

Upgrade to the version specified in the vendor advisory or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Products

Adobe Systems Incorporated	Adobe Reader	9.4.5
	Adobe Reader	8.3
	Reader X	10.1
	Acrobat	9.4.5
	Acrobat	8.3
	Acrobat X	10.1

References

OVAL ID: 14022
CVE ID: 2011-2431 (see also: NVD)
Secunia Advisory ID: 45978 46737 46849 46917 47680
Bugtraq ID: 49582
Related OSVDB ID: 75429 75431 75432 75433 75434 75435 75436 75437 75438 75439 75440 75441
Mail List Post: http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00012.html
http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00013.html
http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00025.html
Vendor Specific Advisory URL: http://www.adobe.com/support/security/bulletins/apsb11-24.html
Vendor Specific News/Changelog Entry: http://www.gentoo.org/security/en/glsa/glsa-201201-19.xml
RedHat RHSA: RHSA-2011:1434-01

Credit

Unknown or Incomplete

Direct URL: http://osvdb.org/75430

Info

Disclosure

Discovery

Dates

Exploit

Solution

Description

Classification

Solution

Products

Adobe Systems Incorporated

Adobe Reader

Reader X

Acrobat

Acrobat X

References

Credit