Adobe Reader and Acrobat contain multiple overflow conditions in the CoolType.dll library. The issue is triggered as user-supplied input is not properly validated when a sign-extension error occurs. With a specially crafted compound glyph in TrueType fonts, a context-dependent attacker can cause a heap-based buffer overflow, resulting in a denial of service or potentially execution of arbitrary code.

Upgrade to the version specified in the vendor advisory or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

• OVAL ID: 14044
• CVE ID: 2011-2441 (see also: NVD)
• Secunia Advisory ID: 45978 46849 46917 47680
• Bugtraq ID: 49581
• Related OSVDB ID: 75429 75430 75431 75432 75433 75434 75435 75436 75437 75438 75439 75440
• Mail List Post: http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00012.html
  http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00013.html
  http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00025.html
• Vendor Specific Advisory URL: http://www.adobe.com/support/security/bulletins/apsb11-24.html
• Vendor Specific News/Changelog Entry: http://www.gentoo.org/security/en/glsa/glsa-201201-19.xml
• Other Advisory URL: http://www.zerodayinitiative.com/advisories/ZDI-11-310/

• binaryproof - Zero Day Initiative (ZDI)