Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2011-0594
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T21:58:25.859Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "oval:org.mitre.oval:def:12444", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12444" }, { "name": "ADV-2011-0492", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2011/0492" }, { "name": "43470", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/43470" }, { "name": "RHSA-2011:0301", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2011-0301.html" }, { "name": "adobe-reader-fonts-code-exec(65299)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65299" }, { "name": "ADV-2011-0337", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2011/0337" }, { "name": "1025033", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id?1025033" }, { "name": "46216", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/46216" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.adobe.com/support/security/bulletins/apsb11-03.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2011-02-08T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via a font." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-09-18T12:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "oval:org.mitre.oval:def:12444", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12444" }, { "name": "ADV-2011-0492", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2011/0492" }, { "name": "43470", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/43470" }, { "name": "RHSA-2011:0301", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2011-0301.html" }, { "name": "adobe-reader-fonts-code-exec(65299)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65299" }, { "name": "ADV-2011-0337", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2011/0337" }, { "name": "1025033", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id?1025033" }, { "name": "46216", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/46216" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.adobe.com/support/security/bulletins/apsb11-03.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2011-0594", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via a font." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "oval:org.mitre.oval:def:12444", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12444" }, { "name": "ADV-2011-0492", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2011/0492" }, { "name": "43470", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/43470" }, { "name": "RHSA-2011:0301", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2011-0301.html" }, { "name": "adobe-reader-fonts-code-exec(65299)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65299" }, { "name": "ADV-2011-0337", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2011/0337" }, { "name": "1025033", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1025033" }, { "name": "46216", "refsource": "BID", "url": "http://www.securityfocus.com/bid/46216" }, { "name": "http://www.adobe.com/support/security/bulletins/apsb11-03.html", "refsource": "CONFIRM", "url": "http://www.adobe.com/support/security/bulletins/apsb11-03.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2011-0594", "datePublished": "2011-02-10T17:00:00", "dateReserved": "2011-01-20T00:00:00", "dateUpdated": "2024-08-06T21:58:25.859Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2011-0594\",\"sourceIdentifier\":\"psirt@adobe.com\",\"published\":\"2011-02-10T18:00:58.583\",\"lastModified\":\"2024-11-21T01:24:22.800\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via a font.\"},{\"lang\":\"es\",\"value\":\"Adobe Reader y Acrobat v10.x anterior a v10.0.1, v9.x anterior a v9.4.2, y v8.x anterior a v8.2.6 en Windows y Mac OS X permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de una fuente.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:C/I:C/A:C\",\"baseScore\":9.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":8.6,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"996EB48E-D2A8-49E4-915A-EBDE26A9FB94\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:8.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"97E20936-EE31-4CEB-A710-3165A28BAD69\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:8.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5BD9952C-A1D0-4DFB-A292-9B86D7EAE5FD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:8.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C5BEA847-A71E-4336-AB67-B3C38847C1C3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:8.1.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"39F6994B-6969-485B-9286-2592B11A47BF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:8.1.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FC533775-B52E-43F0-BF19-1473BE36232D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:8.1.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"18D1C85E-42CC-46F2-A7B6-DAC3C3995330\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:8.1.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C4670451-511E-496C-A78A-887366E1E992\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:8.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1A2A4F62-7AB5-4134-9A65-4B4E1EA262A3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:8.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"35994F76-CD13-4301-9134-FC0CBEA37D97\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:8.2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0FB61191-F955-4DE6-A86B-36E031DE1F99\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:8.2.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E32D68D5-6A79-454B-B14F-9BC865413E3B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:8.2.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2A57581C-A139-41C3-B9DB-0C4CFA7A1BB2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"562772F1-1627-438E-A6B8-7D1AA5536086\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:9.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"27D5AF92-A8E1-41BD-B20A-EB26BB6AD4DE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:9.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F25C9167-C6D4-4264-9197-50878EDA2D96\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:9.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DD1D7308-09E9-42B2-8836-DC2326C62A9E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:9.1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B5C251D2-4C9B-4029-8BED-0FCAED3B8E89\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:9.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2432AC17-5378-4C61-A775-5172FD44EC03\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:9.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B6BA82F4-470D-4A46-89B2-D2F3C8FA31C8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:9.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"39EDED39-664F-4B68-B422-2CCCA3B83550\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:9.3.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B508C5CE-1386-47B3-B301-B78DBB3A75D9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:9.3.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DDC2EEB6-D5EC-430F-962A-1279C9970441\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:9.3.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8DC590C7-5BDE-4E46-9605-01E95B17F01F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:9.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DCFE67F4-6907-4967-96A3-1757EADA72BB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:9.4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"41DFBB39-4BC6-48BB-B66E-99DA4C7DBCE4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9731EFE2-A5BE-4389-A92D-DDC573633B6C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0FF5999A-9D12-4CDD-8DE9-A89C10B2D574\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2CF61F35-5905-4BA9-AD7E-7DB261D2F256\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"26AE76F7-D7F6-4AF2-A5C6-708B5642C288\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:8.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"749FFB51-65D4-4A4B-95F3-742440276897\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:8.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C8665E53-EC1E-4B95-9064-2565BC12113E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:8.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"24218FDA-F9DA-465A-B5D5-76A55C7EE04E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:8.1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E2C5F1C5-85CD-47B9-897F-E51D6902AF72\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:8.1.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E0E190FF-3EBC-44AB-8072-4D964E843E8A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:8.1.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6A624D44-C135-4ED3-9BA4-F4F8A044850B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:8.1.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B95C0A99-42E4-40A9-BF61-507E4E4DC052\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:8.1.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3B9F55CC-3681-4A67-99D1-3F40447392D5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:8.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A9C0AC89-804B-44A1-929A-118993B6BAA7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:8.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"39B174C3-1BA6-4654-BFA4-CC126454E147\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:8.2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6ACDAA2B-3977-4590-9F16-5DDB6FF6545B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:8.2.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BB7C4E07-0909-4114-BBFB-92626AFC49BB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:8.2.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7832B75B-7868-44DE-A9A4-CBD9CC117DB4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5AA53564-9ACD-4CFB-9AAC-A77440026A57\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:9.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C7EC46E3-77B7-4455-B3E0-A45C6B69B3DC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:9.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4F475858-DCE2-4C93-A51A-04718DF17593\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:9.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"88687272-4CD0-42A2-B727-C322ABDE3549\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:9.1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1E5C4FA4-3786-47AF-BD7D-8E75927EB3AA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:9.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B35CC915-EEE3-4E86-9E09-1893C725E07B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:9.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"76201694-E5C5-4CA3-8919-46937AFDAAE3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:9.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"397AB988-1C2C-4247-9B34-806094197CB5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:9.3.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8FA0B8C3-8060-4685-A241-9852BD63B7A0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:9.3.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4AB9BBDE-634A-47CF-BA49-67382B547900\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:9.3.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F56B1726-4F05-4732-9D8B-077EF593EAEC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:9.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A258374F-55CB-48D2-9094-CD70E1288F60\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:9.4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"627B0DA4-E600-49F1-B455-B4E151B33236\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B57C5136-7853-478B-A342-6013528B41B4\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0FF5999A-9D12-4CDD-8DE9-A89C10B2D574\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2CF61F35-5905-4BA9-AD7E-7DB261D2F256\"}]}]}],\"references\":[{\"url\":\"http://secunia.com/advisories/43470\",\"source\":\"psirt@adobe.com\"},{\"url\":\"http://www.adobe.com/support/security/bulletins/apsb11-03.html\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2011-0301.html\",\"source\":\"psirt@adobe.com\"},{\"url\":\"http://www.securityfocus.com/bid/46216\",\"source\":\"psirt@adobe.com\"},{\"url\":\"http://www.securitytracker.com/id?1025033\",\"source\":\"psirt@adobe.com\"},{\"url\":\"http://www.vupen.com/english/advisories/2011/0337\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2011/0492\",\"source\":\"psirt@adobe.com\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/65299\",\"source\":\"psirt@adobe.com\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12444\",\"source\":\"psirt@adobe.com\"},{\"url\":\"http://secunia.com/advisories/43470\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.adobe.com/support/security/bulletins/apsb11-03.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2011-0301.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/46216\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id?1025033\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2011/0337\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2011/0492\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/65299\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12444\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}" } }
var-201102-0066
Vulnerability from variot
Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via a font. Adobe Acrobat and Reader are prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. Adobe Reader and Acrobat versions prior to 9.4.2 and 10.0.1 are affected.
For more information: SA43207
SOLUTION: Updated packages are available via Red Hat Network. ----------------------------------------------------------------------
Get a tax break on purchases of Secunia Solutions!
If you are a U.S. company, you may be qualified for a tax break for your software purchases. Learn more at: http://secunia.com/products/corporate/vim/section_179/
TITLE: Adobe Reader / Acrobat Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA43207
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43207/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43207
RELEASE DATE: 2011-02-09
DISCUSS ADVISORY: http://secunia.com/advisories/43207/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/43207/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=43207
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Multiple vulnerabilities have been reported in Adobe Reader / Acrobat, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to conduct cross-site scripting attacks and compromise a user's system.
2) An unspecified error can be exploited to corrupt memory.
3) An unspecified error related to file permissions in Windows-based versions can be exploited to gain escalated privileges.
4) An unspecified error may allow code execution.
5) An unspecified error when parsing images can be exploited to corrupt memory.
6) An error in AcroRd32.dll when parsing certain images can be exploited to corrupt memory.
7) An unspecified error in the Macintosh-based versions may allow code execution.
9) An unspecified error may allow code execution.
10) A input validation error may allow code execution.
11) An input validation error can be exploited to conduct cross-site scripting attacks.
13) An unspecified error can be exploited to corrupt memory.
14) A boundary error when decoding U3D image data in an IFF file can be exploited to cause a buffer overflow.
15) A boundary error when decoding U3D image data in a RGBA file can be exploited to cause a buffer overflow.
16) A boundary error when decoding U3D image data in a BMP file can be exploited to cause a buffer overflow.
17) A boundary error when decoding U3D image data in a PSD file can be exploited to cause a buffer overflow.
18) An input validation error when parsing fonts may allow code execution.
19) A boundary error when decoding U3D image data in a FLI file can be exploited to cause a buffer overflow.
20) An error in 2d.dll when parsing height and width values of RLE_8 compressed BMP files can be exploited to cause a heap-based buffer overflow.
21) An integer overflow in ACE.dll when parsing certain ICC data can be exploited to cause a buffer overflow.
22) A boundary error in rt3d.dll when parsing bits per pixel and number of colors if 4/8-bit RLE compressed BMP files can be exploited to cause a heap-based buffer overflow.
23) An error in the U3D implementation when handling the Parent Node count can be exploited to cause a buffer overflow.
24) A boundary error when processing JPEG files embedded in a PDF file can be exploited to corrupt heap memory.
25) An unspecified error when parsing images may allow code execution.
26) An input validation error can be exploited to conduct cross-site scripting attacks.
27) An unspecified error in the Macintosh-based versions may allow code execution.
28) A boundary error in rt3d.dll when parsing certain files can be exploited to cause a stack-based buffer overflow.
29) An integer overflow in the U3D implementation when parsing a ILBM texture file can be exploited to cause a buffer overflow.
30) Some vulnerabilities are caused due to vulnerabilities in the bundled version of Adobe Flash Player.
For more information: SA43267
The vulnerabilities are reported in versions 8.2.5 and prior, 9.4.1 and prior, and 10.0 and prior.
SOLUTION: Update to version 8.2.6, 9.4.2, or 10.0.1.
Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
PROVIDED AND/OR DISCOVERED BY: 2) Bing Liu, Fortinet's FortiGuard Labs. 6) Abdullah Ada via ZDI. 8) Haifei Li, Fortinet's FortiGuard Labs. 14 - 17, 19, 20, 22, 29) Peter Vreugdenhil via ZDI. 21) Sebastian Apelt via ZDI. 23) el via ZDI. 14) Sean Larsson, iDefense Labs. 28) An anonymous person via ZDI.
The vendor also credits: 1) Mitja Kolsek, ACROS Security. 3) Matthew Pun. 4, 5, 18) Tavis Ormandy, Google Security Team. 7) James Quirk. 9) Brett Gervasoni, Sense of Security. 10) Joe Schatz. 11, 26) Billy Rios, Google Security Team. 12) Greg MacManus, iSIGHT Partners Labs and Parvez Anwar. 13) CESG. 25) Will Dormann, CERT. 27) Marc Schoenefeld, Red Hat Security Response Team.
ORIGINAL ADVISORY: Adobe (APSB11-03) http://www.adobe.com/support/security/bulletins/apsb11-03.html http://www.adobe.com/support/security/bulletins/apsb11-02.html
ZDI: http://www.zerodayinitiative.com/advisories/ZDI-11-065/ http://www.zerodayinitiative.com/advisories/ZDI-11-066/ http://www.zerodayinitiative.com/advisories/ZDI-11-067/ http://www.zerodayinitiative.com/advisories/ZDI-11-068/ http://www.zerodayinitiative.com/advisories/ZDI-11-069/ http://www.zerodayinitiative.com/advisories/ZDI-11-070/ http://www.zerodayinitiative.com/advisories/ZDI-11-071/ http://www.zerodayinitiative.com/advisories/ZDI-11-072/ http://www.zerodayinitiative.com/advisories/ZDI-11-073/ http://www.zerodayinitiative.com/advisories/ZDI-11-074/ http://www.zerodayinitiative.com/advisories/ZDI-11-075/ http://www.zerodayinitiative.com/advisories/ZDI-11-077/
FortiGuard Labs: http://www.fortiguard.com/advisory/FGA-2011-06.html
iDefense: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=891
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201201-19
http://security.gentoo.org/
Severity: Normal Title: Adobe Reader: Multiple vulnerabilities Date: January 30, 2012 Bugs: #354211, #382969, #393481 ID: 201201-19
Synopsis
Multiple vulnerabilities in Adobe Reader might allow remote attackers to execute arbitrary code or conduct various other attacks.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 app-text/acroread < 9.4.7 >= 9.4.7=20
Description
Multiple vulnerabilities have been discovered in Adobe Reader. Please review the CVE identifiers referenced below for details.
Impact
A remote attacker could entice a user to open a specially crafted PDF file using Adobe Reader, possibly resulting in the remote execution of arbitrary code, a Denial of Service, or other impact.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Reader users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=app-text/acroread-9.4.7"
References
[ 1 ] CVE-2010-4091 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4091 [ 2 ] CVE-2011-0562 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0562 [ 3 ] CVE-2011-0563 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0563 [ 4 ] CVE-2011-0565 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0565 [ 5 ] CVE-2011-0566 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0566 [ 6 ] CVE-2011-0567 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0567 [ 7 ] CVE-2011-0570 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0570 [ 8 ] CVE-2011-0585 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0585 [ 9 ] CVE-2011-0586 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0586 [ 10 ] CVE-2011-0587 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0587 [ 11 ] CVE-2011-0588 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0588 [ 12 ] CVE-2011-0589 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0589 [ 13 ] CVE-2011-0590 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0590 [ 14 ] CVE-2011-0591 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0591 [ 15 ] CVE-2011-0592 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0592 [ 16 ] CVE-2011-0593 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0593 [ 17 ] CVE-2011-0594 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0594 [ 18 ] CVE-2011-0595 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0595 [ 19 ] CVE-2011-0596 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0596 [ 20 ] CVE-2011-0598 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0598 [ 21 ] CVE-2011-0599 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0599 [ 22 ] CVE-2011-0600 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0600 [ 23 ] CVE-2011-0602 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0602 [ 24 ] CVE-2011-0603 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0603 [ 25 ] CVE-2011-0604 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0604 [ 26 ] CVE-2011-0605 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0605 [ 27 ] CVE-2011-0606 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0606 [ 28 ] CVE-2011-2130 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2130 [ 29 ] CVE-2011-2134 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2134 [ 30 ] CVE-2011-2135 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2135 [ 31 ] CVE-2011-2136 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2136 [ 32 ] CVE-2011-2137 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2137 [ 33 ] CVE-2011-2138 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2138 [ 34 ] CVE-2011-2139 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2139 [ 35 ] CVE-2011-2140 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2140 [ 36 ] CVE-2011-2414 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2414 [ 37 ] CVE-2011-2415 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2415 [ 38 ] CVE-2011-2416 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2416 [ 39 ] CVE-2011-2417 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2417 [ 40 ] CVE-2011-2424 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2424 [ 41 ] CVE-2011-2425 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2425 [ 42 ] CVE-2011-2431 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2431 [ 43 ] CVE-2011-2432 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2432 [ 44 ] CVE-2011-2433 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2433 [ 45 ] CVE-2011-2434 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2434 [ 46 ] CVE-2011-2435 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2435 [ 47 ] CVE-2011-2436 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2436 [ 48 ] CVE-2011-2437 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2437 [ 49 ] CVE-2011-2438 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2438 [ 50 ] CVE-2011-2439 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2439 [ 51 ] CVE-2011-2440 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2440 [ 52 ] CVE-2011-2441 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2441 [ 53 ] CVE-2011-2442 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2442 [ 54 ] CVE-2011-2462 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2462 [ 55 ] CVE-2011-4369 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4369
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201201-19.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2012 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201102-0066", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "acrobat", "scope": "eq", "trust": 1.9, "vendor": "adobe", "version": "8.2.3" }, { "model": "acrobat", "scope": "eq", "trust": 1.9, "vendor": "adobe", "version": "8.2.4" }, { "model": "acrobat", "scope": "eq", "trust": 1.9, "vendor": "adobe", "version": "8.2.2" }, { "model": "acrobat", "scope": "eq", "trust": 1.6, "vendor": "adobe", "version": "8.1.4" }, { "model": "acrobat", "scope": "eq", "trust": 1.6, "vendor": "adobe", "version": "8.1.7" }, { "model": "acrobat", "scope": "eq", "trust": 1.6, "vendor": "adobe", "version": "8.1.3" }, { "model": "acrobat", "scope": "eq", "trust": 1.6, "vendor": "adobe", "version": "8.1.6" }, { "model": "acrobat", "scope": "eq", "trust": 1.6, "vendor": "adobe", "version": "8.1.5" }, { "model": "acrobat", "scope": "eq", "trust": 1.6, "vendor": "adobe", "version": "8.2.1" }, { "model": "acrobat", "scope": "eq", "trust": 1.6, "vendor": "adobe", "version": "8.2" }, { "model": "acrobat", "scope": "eq", "trust": 1.3, "vendor": "adobe", "version": "10.0" }, { "model": "acrobat", "scope": "eq", "trust": 1.3, "vendor": "adobe", "version": "9.3.1" }, { "model": "acrobat", "scope": "eq", "trust": 1.3, "vendor": "adobe", "version": "9.3" }, { "model": "acrobat", "scope": "eq", "trust": 1.3, "vendor": "adobe", "version": "9.4" }, { "model": "acrobat", "scope": "eq", "trust": 1.3, "vendor": "adobe", "version": "9.1.1" }, { "model": "acrobat", "scope": "eq", "trust": 1.3, "vendor": "adobe", "version": "9.4.1" }, { "model": "acrobat", "scope": "eq", "trust": 1.3, "vendor": "adobe", "version": "9.2" }, { "model": "acrobat", "scope": "eq", "trust": 1.3, "vendor": "adobe", "version": "9.3.3" }, { "model": "acrobat", "scope": "eq", "trust": 1.3, "vendor": "adobe", "version": "9.3.2" }, { "model": "acrobat reader", "scope": "eq", "trust": 1.0, "vendor": "adobe", "version": "8.2.3" }, { "model": "acrobat reader", "scope": "eq", "trust": 1.0, "vendor": "adobe", "version": "9.1.2" }, { "model": "acrobat reader", "scope": "eq", "trust": 1.0, "vendor": "adobe", "version": "8.1.5" }, { "model": "acrobat reader", "scope": "eq", "trust": 1.0, "vendor": "adobe", "version": "9.3.3" }, { "model": "acrobat reader", "scope": "eq", "trust": 1.0, "vendor": "adobe", "version": "8.1.1" }, { "model": "acrobat reader", "scope": "eq", "trust": 1.0, "vendor": "adobe", "version": "9.2" }, { "model": "acrobat reader", "scope": "eq", "trust": 1.0, "vendor": "adobe", "version": "9.4.1" }, { "model": "acrobat reader", "scope": "eq", "trust": 1.0, "vendor": "adobe", "version": "8.2.4" }, { "model": "acrobat reader", "scope": "eq", "trust": 1.0, "vendor": "adobe", "version": "8.0" }, { "model": "acrobat reader", "scope": "eq", "trust": 1.0, "vendor": "adobe", "version": "9.3.1" }, { "model": "acrobat reader", "scope": "eq", "trust": 1.0, "vendor": "adobe", "version": "9.3.4" }, { "model": "acrobat", "scope": "eq", "trust": 1.0, "vendor": "adobe", "version": "9.1.3" }, { "model": "acrobat reader", "scope": "eq", "trust": 1.0, "vendor": "adobe", "version": "9.3" }, { "model": "acrobat", "scope": "eq", "trust": 1.0, "vendor": "adobe", "version": "9.1" }, { "model": "acrobat", "scope": "eq", "trust": 1.0, "vendor": "adobe", "version": "9.0" }, { "model": "acrobat", "scope": "eq", "trust": 1.0, "vendor": "adobe", "version": "8.1" }, { "model": "acrobat reader", "scope": "eq", "trust": 1.0, "vendor": "adobe", "version": "8.1.2" }, { "model": "acrobat reader", "scope": "eq", "trust": 1.0, "vendor": "adobe", "version": "8.2" }, { "model": "acrobat reader", "scope": "eq", "trust": 1.0, "vendor": "adobe", "version": "10.0" }, { "model": "acrobat reader", "scope": "eq", "trust": 1.0, "vendor": "adobe", "version": "9.4" }, { "model": "acrobat", "scope": "eq", "trust": 1.0, "vendor": "adobe", "version": "9.1.2" }, { "model": "acrobat reader", "scope": "eq", "trust": 1.0, "vendor": "adobe", "version": "8.1.4" }, { "model": "acrobat reader", "scope": "eq", "trust": 1.0, "vendor": "adobe", "version": "8.1.6" }, { "model": "acrobat reader", "scope": "eq", "trust": 1.0, "vendor": "adobe", "version": "9.3.2" }, { "model": "acrobat", "scope": "eq", "trust": 1.0, "vendor": "adobe", "version": "8.1.1" }, { "model": "acrobat", "scope": "eq", "trust": 1.0, "vendor": "adobe", "version": "8.0" }, { "model": "acrobat reader", "scope": "eq", "trust": 1.0, "vendor": "adobe", "version": "9.1.3" }, { "model": "acrobat reader", "scope": "eq", "trust": 1.0, "vendor": "adobe", "version": "8.2.2" }, { "model": "acrobat reader", "scope": "eq", "trust": 1.0, "vendor": "adobe", "version": "8.2.1" }, { "model": "acrobat", "scope": "eq", "trust": 1.0, "vendor": "adobe", "version": "9.3.4" }, { "model": "acrobat reader", "scope": "eq", "trust": 1.0, "vendor": "adobe", "version": "9.1" }, { "model": "acrobat reader", "scope": "eq", "trust": 1.0, "vendor": "adobe", "version": "9.0" }, { "model": "acrobat reader", "scope": "eq", "trust": 1.0, "vendor": "adobe", "version": "8.1" }, { "model": "acrobat reader", "scope": "eq", "trust": 1.0, "vendor": "adobe", "version": "8.1.7" }, { "model": "acrobat reader", "scope": "eq", "trust": 1.0, "vendor": "adobe", "version": "9.1.1" }, { "model": "acrobat", "scope": "eq", "trust": 1.0, "vendor": "adobe", "version": "8.1.2" }, { "model": "acrobat", "scope": "lte", "trust": 0.8, "vendor": "adobe", "version": "x (10.0)" }, { "model": "reader", "scope": "lte", "trust": 0.8, "vendor": "adobe", "version": "9.4.1" }, { "model": "reader", "scope": "eq", "trust": 0.8, "vendor": "adobe", "version": "x (10.0)" }, { "model": "enterprise linux extras", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "4 extras" }, { "model": "enterprise linux extras", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "4.8.z extras" }, { "model": "enterprise linux server supplementary", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "6" }, { "model": "enterprise linux workstation supplementary", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "6" }, { "model": "rhel desktop supplementary", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "5 (client)" }, { "model": "rhel desktop supplementary", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "6" }, { "model": "rhel supplementary", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "5 (server)" }, { "model": "acrobat professional", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "8.1.3" }, { "model": "acrobat standard", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "8.0" }, { "model": "acrobat professional", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "8.2.5" }, { "model": "acrobat standard", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.1.2" }, { "model": "acrobat professional", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "8.2.2" }, { "model": "reader", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.2" }, { "model": "reader", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.3.3" }, { "model": "acrobat professional", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.3.1" }, { "model": "acrobat professional", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.3" }, { "model": "acrobat", "scope": "ne", "trust": 0.3, "vendor": "adobe", "version": "9.4.2" }, { "model": "acrobat standard", "scope": "ne", "trust": 0.3, "vendor": "adobe", "version": "9.4.2" }, { "model": "acrobat professional", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.1.3" }, { "model": "reader", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.4.1" }, { "model": "reader", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.3.4" }, { "model": "acrobat professional", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "8.1.6" }, { "model": "acrobat standard", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.3.3" }, { "model": "reader", "scope": "ne", "trust": 0.3, "vendor": "adobe", "version": "10.0.1" }, { "model": "acrobat professional", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.4" }, { "model": "acrobat professional", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "8.1.4" }, { "model": "acrobat standard", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "8.2.4" }, { "model": "acrobat standard", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "8.2" }, { "model": "acrobat professional", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "8.1" }, { "model": "reader", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "8.0" }, { "model": "desktop extras", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "4" }, { "model": "acrobat standard", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.3.2" }, { "model": "acrobat standard", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "8.1.2" }, { "model": "reader", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.1.2" }, { "model": "acrobat professional", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.1" }, { "model": "acrobat standard", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "8.1.3" }, { "model": "reader", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "8.1.5" }, { "model": "acrobat professional", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9" }, { "model": "acrobat", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "8.2.5" }, { "model": "acrobat standard", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "8.2.5" }, { "model": "acrobat professional", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "8.2.1" }, { "model": "acrobat standard", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "8.2.2" }, { "model": "acrobat professional", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "8.1.7" }, { "model": "reader", "scope": "ne", "trust": 0.3, "vendor": "adobe", "version": "9.4.2" }, { "model": "hat enterprise linux supplementary server", "scope": "eq", "trust": 0.3, "vendor": "red", "version": "5" }, { "model": "enterprise linux extras", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "4" }, { "model": "linux enterprise desktop sp3", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "10" }, { "model": "reader", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "8.2.3" }, { "model": "acrobat professional extended", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9" }, { "model": "acrobat standard", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.0" }, { "model": "reader", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "8.2.4" }, { "model": "reader", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "8.2" }, { "model": "acrobat professional", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.4.1" }, { "model": "acrobat", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "8.1.8" }, { "model": "acrobat professional", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.3.4" }, { "model": "reader", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.3.2" }, { "model": "reader", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "8.1.2" }, { "model": "acrobat standard", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.4" }, { "model": "acrobat standard", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "8.1.4" }, { "model": "reader", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "8.1.3" }, { "model": "acrobat standard", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "8.1" }, { "model": "acrobat professional", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "8.1.1" }, { "model": "reader", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "8.2.5" }, { "model": "acrobat professional security updat", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "8.1.2" }, { "model": "reader", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "8.2.2" }, { "model": "acrobat standard", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.1" }, { "model": "enterprise linux es extras", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "4" }, { "model": "hat enterprise linux desktop supplementary", "scope": "eq", "trust": 0.3, "vendor": "red", "version": "6" }, { "model": "acrobat standard", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9" }, { "model": "reader security updat", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "8.1.2" }, { "model": "acrobat standard", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "8.2.1" }, { "model": "acrobat standard", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "8.1.7" }, { "model": "linux", "scope": null, "trust": 0.3, "vendor": "gentoo", "version": null }, { "model": "reader", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.0" }, { "model": "acrobat professional", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.2" }, { "model": "acrobat standard", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.3.1" }, { "model": "acrobat professional", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.3.3" }, { "model": "acrobat standard", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.3" }, { "model": "reader", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.4" }, { "model": "reader", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "8.1.4" }, { "model": "hat enterprise linux server supplementary", "scope": "eq", "trust": 0.3, "vendor": "red", "version": "6" }, { "model": "acrobat standard", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.1.3" }, { "model": "reader", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "8.1" }, { "model": "reader", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.1.1" }, { "model": "acrobat standard", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "8.1.6" }, { "model": "acrobat professional", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.3.2" }, { "model": "acrobat professional", "scope": "ne", "trust": 0.3, "vendor": "adobe", "version": "10.0.1" }, { "model": "reader", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.1" }, { "model": "acrobat standard", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "8.1.1" }, { "model": "reader", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9" }, { "model": "acrobat professional", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "8.0" }, { "model": "linux enterprise desktop sp1", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "11" }, { "model": "reader", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "8.2.1" }, { "model": "reader", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "8.1.7" }, { "model": "acrobat professional", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.1.2" }, { "model": "hat enterprise linux desktop supplementary client", "scope": "eq", "trust": 0.3, "vendor": "red", "version": "5" }, { "model": "reader", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.3.1" }, { "model": "reader", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.3" }, { "model": "acrobat professional", "scope": "ne", "trust": 0.3, "vendor": "adobe", "version": "9.4.2" }, { "model": "acrobat standard", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.2" }, { "model": "enterprise linux ws extras", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "4" }, { "model": "reader", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.1.3" }, { "model": "acrobat professional", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.0" }, { "model": "reader", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "8.1.6" }, { "model": "opensuse", "scope": "eq", "trust": 0.3, "vendor": "s u s e", "version": "11.2" }, { "model": "enterprise linux as extras", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "4" }, { "model": "reader", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "8.1.1" }, { "model": "acrobat professional", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "8.2.4" }, { "model": "acrobat professional", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "8.2" }, { "model": "acrobat standard", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.4.1" }, { "model": "acrobat standard", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.3.4" }, { "model": "acrobat professional", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "8.1.2" }, { "model": "hat enterprise linux workstation supplementary", "scope": "eq", "trust": 0.3, "vendor": "red", "version": "6" }, { "model": "acrobat", "scope": "ne", "trust": 0.3, "vendor": "adobe", "version": "10.0.1" }, { "model": "opensuse", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "11.3" }, { "model": "acrobat standard", "scope": "ne", "trust": 0.3, "vendor": "adobe", "version": "10.0.1" } ], "sources": [ { "db": "BID", "id": "46216" }, { "db": "JVNDB", "id": "JVNDB-2011-001206" }, { "db": "CNNVD", "id": "CNNVD-201102-141" }, { "db": "NVD", "id": "CVE-2011-0594" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "cpe_match": [ { "cpe22Uri": "cpe:/a:adobe:acrobat", "vulnerable": true }, { "cpe22Uri": "cpe:/a:adobe:acrobat_reader", "vulnerable": true }, { "cpe22Uri": "cpe:/a:redhat:enterprise_linux", "vulnerable": true }, { "cpe22Uri": "cpe:/a:redhat:rhel_server_supplementary", "vulnerable": true }, { "cpe22Uri": "cpe:/a:redhat:rhel_workstation_supplementary", "vulnerable": true }, { "cpe22Uri": "cpe:/a:redhat:rhel_desktop_supplementary", "vulnerable": true }, { "cpe22Uri": "cpe:/a:redhat:rhel_supplementary", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2011-001206" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Tavis Ormandy of the Google Security Team", "sources": [ { "db": "BID", "id": "46216" }, { "db": "CNNVD", "id": "CNNVD-201102-141" } ], "trust": 0.9 }, "cve": "CVE-2011-0594", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "nvd@nist.gov", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "id": "CVE-2011-0594", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 1.8, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "id": "VHN-48539", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.1, "vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2011-0594", "trust": 1.0, "value": "HIGH" }, { "author": "NVD", "id": "CVE-2011-0594", "trust": 0.8, "value": "High" }, { "author": "CNNVD", "id": "CNNVD-201102-141", "trust": 0.6, "value": "CRITICAL" }, { "author": "VULHUB", "id": "VHN-48539", "trust": 0.1, "value": "HIGH" } ] } ], "sources": [ { "db": "VULHUB", "id": "VHN-48539" }, { "db": "JVNDB", "id": "JVNDB-2011-001206" }, { "db": "CNNVD", "id": "CNNVD-201102-141" }, { "db": "NVD", "id": "CVE-2011-0594" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via a font. Adobe Acrobat and Reader are prone to a remote code-execution vulnerability. \nAttackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. \nAdobe Reader and Acrobat versions prior to 9.4.2 and 10.0.1 are affected. \n\nFor more information:\nSA43207\n\nSOLUTION:\nUpdated packages are available via Red Hat Network. ----------------------------------------------------------------------\n\n\nGet a tax break on purchases of Secunia Solutions!\n\nIf you are a U.S. company, you may be qualified for a tax break for your software purchases. Learn more at:\nhttp://secunia.com/products/corporate/vim/section_179/\n\n\n----------------------------------------------------------------------\n\nTITLE:\nAdobe Reader / Acrobat Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA43207\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/43207/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43207\n\nRELEASE DATE:\n2011-02-09\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/43207/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/43207/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43207\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Adobe Reader /\nAcrobat, which can be exploited by malicious, local users to gain\nescalated privileges and by malicious people to conduct cross-site\nscripting attacks and compromise a user\u0027s system. \n\n2) An unspecified error can be exploited to corrupt memory. \n\n3) An unspecified error related to file permissions in Windows-based\nversions can be exploited to gain escalated privileges. \n\n4) An unspecified error may allow code execution. \n\n5) An unspecified error when parsing images can be exploited to\ncorrupt memory. \n\n6) An error in AcroRd32.dll when parsing certain images can be\nexploited to corrupt memory. \n\n7) An unspecified error in the Macintosh-based versions may allow\ncode execution. \n\n9) An unspecified error may allow code execution. \n\n10) A input validation error may allow code execution. \n\n11) An input validation error can be exploited to conduct cross-site\nscripting attacks. \n\n13) An unspecified error can be exploited to corrupt memory. \n\n14) A boundary error when decoding U3D image data in an IFF file can\nbe exploited to cause a buffer overflow. \n\n15) A boundary error when decoding U3D image data in a RGBA file can\nbe exploited to cause a buffer overflow. \n\n16) A boundary error when decoding U3D image data in a BMP file can\nbe exploited to cause a buffer overflow. \n\n17) A boundary error when decoding U3D image data in a PSD file can\nbe exploited to cause a buffer overflow. \n\n18) An input validation error when parsing fonts may allow code\nexecution. \n\n19) A boundary error when decoding U3D image data in a FLI file can\nbe exploited to cause a buffer overflow. \n\n20) An error in 2d.dll when parsing height and width values of RLE_8\ncompressed BMP files can be exploited to cause a heap-based buffer\noverflow. \n\n21) An integer overflow in ACE.dll when parsing certain ICC data can\nbe exploited to cause a buffer overflow. \n\n22) A boundary error in rt3d.dll when parsing bits per pixel and\nnumber of colors if 4/8-bit RLE compressed BMP files can be exploited\nto cause a heap-based buffer overflow. \n\n23) An error in the U3D implementation when handling the Parent Node\ncount can be exploited to cause a buffer overflow. \n\n24) A boundary error when processing JPEG files embedded in a PDF\nfile can be exploited to corrupt heap memory. \n\n25) An unspecified error when parsing images may allow code\nexecution. \n\n26) An input validation error can be exploited to conduct cross-site\nscripting attacks. \n\n27) An unspecified error in the Macintosh-based versions may allow\ncode execution. \n\n28) A boundary error in rt3d.dll when parsing certain files can be\nexploited to cause a stack-based buffer overflow. \n\n29) An integer overflow in the U3D implementation when parsing a ILBM\ntexture file can be exploited to cause a buffer overflow. \n\n30) Some vulnerabilities are caused due to vulnerabilities in the\nbundled version of Adobe Flash Player. \n\nFor more information:\nSA43267\n\nThe vulnerabilities are reported in versions 8.2.5 and prior, 9.4.1\nand prior, and 10.0 and prior. \n\nSOLUTION:\nUpdate to version 8.2.6, 9.4.2, or 10.0.1. \n\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nPROVIDED AND/OR DISCOVERED BY:\n2) Bing Liu, Fortinet\u0027s FortiGuard Labs. \n6) Abdullah Ada via ZDI. \n8) Haifei Li, Fortinet\u0027s FortiGuard Labs. \n14 - 17, 19, 20, 22, 29) Peter Vreugdenhil via ZDI. \n21) Sebastian Apelt via ZDI. \n23) el via ZDI. \n14) Sean Larsson, iDefense Labs. \n28) An anonymous person via ZDI. \n\nThe vendor also credits:\n1) Mitja Kolsek, ACROS Security. \n3) Matthew Pun. \n4, 5, 18) Tavis Ormandy, Google Security Team. \n7) James Quirk. \n9) Brett Gervasoni, Sense of Security. \n10) Joe Schatz. \n11, 26) Billy Rios, Google Security Team. \n12) Greg MacManus, iSIGHT Partners Labs and Parvez Anwar. \n13) CESG. \n25) Will Dormann, CERT. \n27) Marc Schoenefeld, Red Hat Security Response Team. \n\nORIGINAL ADVISORY:\nAdobe (APSB11-03)\nhttp://www.adobe.com/support/security/bulletins/apsb11-03.html\nhttp://www.adobe.com/support/security/bulletins/apsb11-02.html\n\nZDI:\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-065/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-066/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-067/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-068/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-069/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-070/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-071/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-072/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-073/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-074/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-075/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-077/\n\nFortiGuard Labs:\nhttp://www.fortiguard.com/advisory/FGA-2011-06.html\n\niDefense:\nhttp://labs.idefense.com/intelligence/vulnerabilities/display.php?id=891\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201201-19\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: Adobe Reader: Multiple vulnerabilities\n Date: January 30, 2012\n Bugs: #354211, #382969, #393481\n ID: 201201-19\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities in Adobe Reader might allow remote attackers\nto execute arbitrary code or conduct various other attacks. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 app-text/acroread \u003c 9.4.7 \u003e= 9.4.7=20\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in Adobe Reader. Please\nreview the CVE identifiers referenced below for details. \n\nImpact\n======\n\nA remote attacker could entice a user to open a specially crafted PDF\nfile using Adobe Reader, possibly resulting in the remote execution of\narbitrary code, a Denial of Service, or other impact. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Reader users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-text/acroread-9.4.7\"\n\nReferences\n==========\n\n[ 1 ] CVE-2010-4091\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4091\n[ 2 ] CVE-2011-0562\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0562\n[ 3 ] CVE-2011-0563\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0563\n[ 4 ] CVE-2011-0565\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0565\n[ 5 ] CVE-2011-0566\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0566\n[ 6 ] CVE-2011-0567\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0567\n[ 7 ] CVE-2011-0570\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0570\n[ 8 ] CVE-2011-0585\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0585\n[ 9 ] CVE-2011-0586\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0586\n[ 10 ] CVE-2011-0587\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0587\n[ 11 ] CVE-2011-0588\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0588\n[ 12 ] CVE-2011-0589\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0589\n[ 13 ] CVE-2011-0590\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0590\n[ 14 ] CVE-2011-0591\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0591\n[ 15 ] CVE-2011-0592\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0592\n[ 16 ] CVE-2011-0593\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0593\n[ 17 ] CVE-2011-0594\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0594\n[ 18 ] CVE-2011-0595\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0595\n[ 19 ] CVE-2011-0596\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0596\n[ 20 ] CVE-2011-0598\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0598\n[ 21 ] CVE-2011-0599\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0599\n[ 22 ] CVE-2011-0600\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0600\n[ 23 ] CVE-2011-0602\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0602\n[ 24 ] CVE-2011-0603\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0603\n[ 25 ] CVE-2011-0604\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0604\n[ 26 ] CVE-2011-0605\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0605\n[ 27 ] CVE-2011-0606\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0606\n[ 28 ] CVE-2011-2130\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2130\n[ 29 ] CVE-2011-2134\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2134\n[ 30 ] CVE-2011-2135\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2135\n[ 31 ] CVE-2011-2136\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2136\n[ 32 ] CVE-2011-2137\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2137\n[ 33 ] CVE-2011-2138\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2138\n[ 34 ] CVE-2011-2139\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2139\n[ 35 ] CVE-2011-2140\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2140\n[ 36 ] CVE-2011-2414\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2414\n[ 37 ] CVE-2011-2415\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2415\n[ 38 ] CVE-2011-2416\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2416\n[ 39 ] CVE-2011-2417\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2417\n[ 40 ] CVE-2011-2424\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2424\n[ 41 ] CVE-2011-2425\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2425\n[ 42 ] CVE-2011-2431\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2431\n[ 43 ] CVE-2011-2432\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2432\n[ 44 ] CVE-2011-2433\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2433\n[ 45 ] CVE-2011-2434\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2434\n[ 46 ] CVE-2011-2435\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2435\n[ 47 ] CVE-2011-2436\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2436\n[ 48 ] CVE-2011-2437\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2437\n[ 49 ] CVE-2011-2438\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2438\n[ 50 ] CVE-2011-2439\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2439\n[ 51 ] CVE-2011-2440\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2440\n[ 52 ] CVE-2011-2441\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2441\n[ 53 ] CVE-2011-2442\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2442\n[ 54 ] CVE-2011-2462\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2462\n[ 55 ] CVE-2011-4369\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4369\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201201-19.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2012 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n", "sources": [ { "db": "NVD", "id": "CVE-2011-0594" }, { "db": "JVNDB", "id": "JVNDB-2011-001206" }, { "db": "BID", "id": "46216" }, { "db": "VULHUB", "id": "VHN-48539" }, { "db": "PACKETSTORM", "id": "99246" }, { "db": "PACKETSTORM", "id": "98320" }, { "db": "PACKETSTORM", "id": "109194" } ], "trust": 2.25 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2011-0594", "trust": 2.9 }, { "db": "BID", "id": "46216", "trust": 2.2 }, { "db": "VUPEN", "id": "ADV-2011-0337", "trust": 1.9 }, { "db": "SECTRACK", "id": "1025033", "trust": 1.9 }, { "db": "SECUNIA", "id": "43470", "trust": 1.2 }, { "db": "VUPEN", "id": "ADV-2011-0492", "trust": 1.1 }, { "db": "SECUNIA", "id": "43207", "trust": 1.0 }, { "db": "XF", "id": "65299", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2011-001206", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-201102-141", "trust": 0.7 }, { "db": "VULHUB", "id": "VHN-48539", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "99246", "trust": 0.1 }, { "db": "ZDI", "id": "ZDI-11-074", "trust": 0.1 }, { "db": "ZDI", "id": "ZDI-11-071", "trust": 0.1 }, { "db": "ZDI", "id": "ZDI-11-070", "trust": 0.1 }, { "db": "ZDI", "id": "ZDI-11-066", "trust": 0.1 }, { "db": "ZDI", "id": "ZDI-11-067", "trust": 0.1 }, { "db": "ZDI", "id": "ZDI-11-077", "trust": 0.1 }, { "db": "ZDI", "id": "ZDI-11-073", "trust": 0.1 }, { "db": "ZDI", "id": "ZDI-11-072", "trust": 0.1 }, { "db": "ZDI", "id": "ZDI-11-065", "trust": 0.1 }, { "db": "ZDI", "id": "ZDI-11-068", "trust": 0.1 }, { "db": "ZDI", "id": "ZDI-11-075", "trust": 0.1 }, { "db": "ZDI", "id": "ZDI-11-069", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "98320", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "109194", "trust": 0.1 } ], "sources": [ { "db": "VULHUB", "id": "VHN-48539" }, { "db": "BID", "id": "46216" }, { "db": "JVNDB", "id": "JVNDB-2011-001206" }, { "db": "PACKETSTORM", "id": "99246" }, { "db": "PACKETSTORM", "id": "98320" }, { "db": "PACKETSTORM", "id": "109194" }, { "db": "CNNVD", "id": "CNNVD-201102-141" }, { "db": "NVD", "id": "CVE-2011-0594" } ] }, "id": "VAR-201102-0066", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-48539" } ], "trust": 0.01 }, "last_update_date": "2024-11-23T20:45:52.822000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "APSB11-03", "trust": 0.8, "url": "http://www.adobe.com/support/security/bulletins/apsb11-03.html" }, { "title": "cpsid_89065", "trust": 0.8, "url": "http://kb2.adobe.com/jp/cps/890/cpsid_89065.html" }, { "title": "RHSA-2011:0301", "trust": 0.8, "url": "https://rhn.redhat.com/errata/RHSA-2011-0301.html" } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2011-001206" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-20", "trust": 1.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-48539" }, { "db": "JVNDB", "id": "JVNDB-2011-001206" }, { "db": "NVD", "id": "CVE-2011-0594" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.1, "url": "http://www.adobe.com/support/security/bulletins/apsb11-03.html" }, { "trust": 1.9, "url": "http://www.securityfocus.com/bid/46216" }, { "trust": 1.9, "url": "http://www.securitytracker.com/id?1025033" }, { "trust": 1.9, "url": "http://www.vupen.com/english/advisories/2011/0337" }, { "trust": 1.1, "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a12444" }, { "trust": 1.1, "url": "http://www.redhat.com/support/errata/rhsa-2011-0301.html" }, { "trust": 1.1, "url": "http://secunia.com/advisories/43470" }, { "trust": 1.1, "url": "http://www.vupen.com/english/advisories/2011/0492" }, { "trust": 1.1, "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65299" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-0594" }, { "trust": 0.8, "url": "http://xforce.iss.net/xforce/xfdb/65299" }, { "trust": 0.8, "url": "http://www.jpcert.or.jp/at/2011/at110004.txt" }, { "trust": 0.8, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-0594" }, { "trust": 0.8, "url": "http://secunia.com/advisories/43207" }, { "trust": 0.8, "url": "http://www.npa.go.jp/cyberpolice/#topics" }, { "trust": 0.3, "url": "http://www.adobe.com" }, { "trust": 0.2, "url": "http://secunia.com/products/corporate/evm/" }, { "trust": 0.2, "url": "http://secunia.com/products/corporate/vim/section_179/" }, { "trust": 0.2, "url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/" }, { "trust": 0.2, "url": "http://secunia.com/advisories/secunia_security_advisories/" }, { "trust": 0.2, "url": "http://secunia.com/vulnerability_scanning/personal/" }, { "trust": 0.2, "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org" }, { "trust": 0.2, "url": "http://secunia.com/advisories/about_secunia_advisories/" }, { "trust": 0.1, "url": "http://secunia.com/advisories/43470/" }, { "trust": 0.1, "url": "http://secunia.com/advisories/43470/#comments" }, { "trust": 0.1, "url": "https://rhn.redhat.com/errata/rhsa-2011-0301.html" }, { "trust": 0.1, "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43470" }, { "trust": 0.1, "url": "http://www.zerodayinitiative.com/advisories/zdi-11-066/" }, { "trust": 0.1, "url": "http://www.zerodayinitiative.com/advisories/zdi-11-068/" }, { "trust": 0.1, "url": "http://secunia.com/advisories/43207/#comments" }, { "trust": 0.1, "url": "http://www.zerodayinitiative.com/advisories/zdi-11-065/" }, { "trust": 0.1, "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43207" }, { "trust": 0.1, "url": "http://www.zerodayinitiative.com/advisories/zdi-11-072/" }, { "trust": 0.1, "url": "http://www.adobe.com/support/security/bulletins/apsb11-02.html" }, { "trust": 0.1, "url": "http://www.zerodayinitiative.com/advisories/zdi-11-073/" }, { "trust": 0.1, "url": "http://www.zerodayinitiative.com/advisories/zdi-11-069/" }, { "trust": 0.1, "url": "http://www.zerodayinitiative.com/advisories/zdi-11-075/" }, { "trust": 0.1, "url": "http://www.zerodayinitiative.com/advisories/zdi-11-070/" }, { "trust": 0.1, "url": "http://www.fortiguard.com/advisory/fga-2011-06.html" }, { "trust": 0.1, "url": "http://www.zerodayinitiative.com/advisories/zdi-11-077/" }, { "trust": 0.1, "url": "http://secunia.com/advisories/43207/" }, { "trust": 0.1, "url": "http://www.zerodayinitiative.com/advisories/zdi-11-067/" }, { "trust": 0.1, "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=891" }, { "trust": 0.1, "url": "http://www.zerodayinitiative.com/advisories/zdi-11-071/" }, { "trust": 0.1, "url": "http://www.zerodayinitiative.com/advisories/zdi-11-074/" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2432" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0599" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0604" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2130" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0567" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0605" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0591" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0586" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0587" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0587" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2438" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0600" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2414" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2417" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2462" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2434" }, { "trust": 0.1, "url": "http://creativecommons.org/licenses/by-sa/2.5" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2415" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0565" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0567" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0596" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0603" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0563" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2135" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2431" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0595" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0570" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2139" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0588" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2425" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0595" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2010-4091" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2416" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-4369" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0562" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2436" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2424" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0596" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0604" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0588" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2439" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0585" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2441" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0598" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2130" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0603" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0562" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0602" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0593" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0592" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2134" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0590" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2137" }, { "trust": 0.1, "url": "http://security.gentoo.org/glsa/glsa-201201-19.xml" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0585" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2138" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0586" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0589" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0565" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2136" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0606" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0570" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0594" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0589" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0600" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0592" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2433" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0566" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0599" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4091" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2442" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2437" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0606" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0566" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2435" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0594" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0605" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0563" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2140" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0591" }, { "trust": 0.1, "url": "http://security.gentoo.org/" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0593" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2440" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0602" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0590" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0598" }, { "trust": 0.1, "url": "https://bugs.gentoo.org." } ], "sources": [ { "db": "VULHUB", "id": "VHN-48539" }, { "db": "BID", "id": "46216" }, { "db": "JVNDB", "id": "JVNDB-2011-001206" }, { "db": "PACKETSTORM", "id": "99246" }, { "db": "PACKETSTORM", "id": "98320" }, { "db": "PACKETSTORM", "id": "109194" }, { "db": "CNNVD", "id": "CNNVD-201102-141" }, { "db": "NVD", "id": "CVE-2011-0594" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULHUB", "id": "VHN-48539" }, { "db": "BID", "id": "46216" }, { "db": "JVNDB", "id": "JVNDB-2011-001206" }, { "db": "PACKETSTORM", "id": "99246" }, { "db": "PACKETSTORM", "id": "98320" }, { "db": "PACKETSTORM", "id": "109194" }, { "db": "CNNVD", "id": "CNNVD-201102-141" }, { "db": "NVD", "id": "CVE-2011-0594" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2011-02-10T00:00:00", "db": "VULHUB", "id": "VHN-48539" }, { "date": "2011-02-08T00:00:00", "db": "BID", "id": "46216" }, { "date": "2011-03-09T00:00:00", "db": "JVNDB", "id": "JVNDB-2011-001206" }, { "date": "2011-03-14T11:37:12", "db": "PACKETSTORM", "id": "99246" }, { "date": "2011-02-09T03:30:01", "db": "PACKETSTORM", "id": "98320" }, { "date": "2012-01-31T00:07:37", "db": "PACKETSTORM", "id": "109194" }, { "date": "2011-02-10T00:00:00", "db": "CNNVD", "id": "CNNVD-201102-141" }, { "date": "2011-02-10T18:00:58.583000", "db": "NVD", "id": "CVE-2011-0594" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2018-10-30T00:00:00", "db": "VULHUB", "id": "VHN-48539" }, { "date": "2015-03-19T08:46:00", "db": "BID", "id": "46216" }, { "date": "2011-03-09T00:00:00", "db": "JVNDB", "id": "JVNDB-2011-001206" }, { "date": "2011-02-14T00:00:00", "db": "CNNVD", "id": "CNNVD-201102-141" }, { "date": "2024-11-21T01:24:22.800000", "db": "NVD", "id": "CVE-2011-0594" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "PACKETSTORM", "id": "109194" }, { "db": "CNNVD", "id": "CNNVD-201102-141" } ], "trust": 0.7 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Adobe Reader and Acrobat Vulnerable to arbitrary code execution", "sources": [ { "db": "JVNDB", "id": "JVNDB-2011-001206" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "input validation", "sources": [ { "db": "CNNVD", "id": "CNNVD-201102-141" } ], "trust": 0.6 } }
gsd-2011-0594
Vulnerability from gsd
{ "GSD": { "alias": "CVE-2011-0594", "description": "Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via a font.", "id": "GSD-2011-0594", "references": [ "https://www.suse.com/security/cve/CVE-2011-0594.html", "https://access.redhat.com/errata/RHSA-2011:0301" ] }, "gsd": { "metadata": { "exploitCode": "unknown", "remediation": "unknown", "reportConfidence": "confirmed", "type": "vulnerability" }, "osvSchema": { "aliases": [ "CVE-2011-0594" ], "details": "Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via a font.", "id": "GSD-2011-0594", "modified": "2023-12-13T01:19:04.932537Z", "schema_version": "1.4.0" } }, "namespaces": { "cve.org": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2011-0594", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via a font." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "oval:org.mitre.oval:def:12444", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12444" }, { "name": "ADV-2011-0492", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2011/0492" }, { "name": "43470", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/43470" }, { "name": "RHSA-2011:0301", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2011-0301.html" }, { "name": "adobe-reader-fonts-code-exec(65299)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65299" }, { "name": "ADV-2011-0337", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2011/0337" }, { "name": "1025033", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1025033" }, { "name": "46216", "refsource": "BID", "url": "http://www.securityfocus.com/bid/46216" }, { "name": "http://www.adobe.com/support/security/bulletins/apsb11-03.html", "refsource": "CONFIRM", "url": "http://www.adobe.com/support/security/bulletins/apsb11-03.html" } ] } }, "nvd.nist.gov": { "configurations": { "CVE_data_version": "4.0", "nodes": [ { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.1.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.1.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.1.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.3.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.1.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.1.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.4.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.1.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:10.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.3.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.3.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.1.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.1.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.2.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.2.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.3.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.1.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.2.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.2.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.1.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.1.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.4.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.1.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.1.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.1.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.2.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.1.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.3.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.3.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.1.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.1.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.2.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:10.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.3.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.3.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.1.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.1.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.2.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.2.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" } ] }, "cve": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2011-0594" }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "en", "value": "Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via a font." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "en", "value": "CWE-20" } ] } ] }, "references": { "reference_data": [ { "name": "http://www.adobe.com/support/security/bulletins/apsb11-03.html", "refsource": "CONFIRM", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.adobe.com/support/security/bulletins/apsb11-03.html" }, { "name": "ADV-2011-0337", "refsource": "VUPEN", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2011/0337" }, { "name": "46216", "refsource": "BID", "tags": [], "url": "http://www.securityfocus.com/bid/46216" }, { "name": "1025033", "refsource": "SECTRACK", "tags": [], "url": "http://www.securitytracker.com/id?1025033" }, { "name": "RHSA-2011:0301", "refsource": "REDHAT", "tags": [], "url": "http://www.redhat.com/support/errata/RHSA-2011-0301.html" }, { "name": "43470", "refsource": "SECUNIA", "tags": [], "url": "http://secunia.com/advisories/43470" }, { "name": "ADV-2011-0492", "refsource": "VUPEN", "tags": [], "url": "http://www.vupen.com/english/advisories/2011/0492" }, { "name": "adobe-reader-fonts-code-exec(65299)", "refsource": "XF", "tags": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65299" }, { "name": "oval:org.mitre.oval:def:12444", "refsource": "OVAL", "tags": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12444" } ] } }, "impact": { "baseMetricV2": { "cvssV2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": true } }, "lastModifiedDate": "2018-10-30T16:25Z", "publishedDate": "2011-02-10T18:00Z" } } }
rhsa-2011_0301
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Critical" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Updated acroread packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 4 Extras and Red Hat Enterprise\nLinux 5 and 6 Supplementary.\n\nThe Red Hat Security Response Team has rated this update as having critical\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section.", "title": "Topic" }, { "category": "general", "text": "Adobe Reader allows users to view and print documents in Portable Document\nFormat (PDF).\n\nThis update fixes multiple vulnerabilities in Adobe Reader. These\nvulnerabilities are detailed on the Adobe security page APSB11-03, listed\nin the References section.\n\nA specially-crafted PDF file could cause Adobe Reader to crash or,\npotentially, execute arbitrary code as the user running Adobe Reader when\nopened. (CVE-2011-0562, CVE-2011-0563, CVE-2011-0565, CVE-2011-0566,\nCVE-2011-0567, CVE-2011-0585, CVE-2011-0586, CVE-2011-0589, CVE-2011-0590,\nCVE-2011-0591, CVE-2011-0592, CVE-2011-0593, CVE-2011-0594, CVE-2011-0595,\nCVE-2011-0596, CVE-2011-0598, CVE-2011-0599, CVE-2011-0600, CVE-2011-0602,\nCVE-2011-0603, CVE-2011-0606)\n\nMultiple security flaws were found in Adobe reader. A specially-crafted PDF\nfile could cause cross-site scripting (XSS) attacks against the user\nrunning Adobe Reader when opened. (CVE-2011-0587, CVE-2011-0604)\n\nAll Adobe Reader users should install these updated packages. They contain\nAdobe Reader version 9.4.2, which is not vulnerable to these issues. All\nrunning instances of Adobe Reader must be restarted for the update to take\neffect.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2011:0301", "url": "https://access.redhat.com/errata/RHSA-2011:0301" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#critical", "url": "https://access.redhat.com/security/updates/classification/#critical" }, { "category": "external", "summary": "http://www.adobe.com/support/security/bulletins/apsb11-03.html", "url": "http://www.adobe.com/support/security/bulletins/apsb11-03.html" }, { "category": "external", "summary": "676157", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=676157" }, { "category": "external", "summary": "676158", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=676158" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2011/rhsa-2011_0301.json" } ], "title": "Red Hat Security Advisory: acroread security update", "tracking": { "current_release_date": "2024-11-14T11:28:33+00:00", "generator": { "date": "2024-11-14T11:28:33+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.0" } }, "id": "RHSA-2011:0301", "initial_release_date": "2011-02-23T21:16:00+00:00", "revision_history": [ { "date": "2011-02-23T21:16:00+00:00", "number": "1", "summary": "Initial version" }, { "date": "2011-02-23T16:17:46+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-14T11:28:33+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux AS version 4 Extras", "product": { "name": "Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:4" } } }, { "category": "product_name", "name": "Red Hat Desktop version 4 Extras", "product": { "name": "Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:4" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux ES version 4 Extras", "product": { "name": "Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:4" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux WS version 4 Extras", "product": { "name": "Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:4" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product": { "name": "Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:5::client" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Server Supplementary (v. 5)", "product": { "name": "Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:5::server" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product": { "name": "Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:6" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Server Supplementary (v. 6)", "product": { "name": "Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:6" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product": { "name": "Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:6" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux Supplementary" }, { "branches": [ { "category": "product_version", "name": "acroread-0:9.4.2-1.el4.i386", "product": { "name": "acroread-0:9.4.2-1.el4.i386", "product_id": "acroread-0:9.4.2-1.el4.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/acroread@9.4.2-1.el4?arch=i386" } } }, { "category": "product_version", "name": "acroread-plugin-0:9.4.2-1.el4.i386", "product": { "name": "acroread-plugin-0:9.4.2-1.el4.i386", "product_id": "acroread-plugin-0:9.4.2-1.el4.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/acroread-plugin@9.4.2-1.el4?arch=i386" } } }, { "category": "product_version", "name": "acroread-0:9.4.2-1.el5.i386", "product": { "name": "acroread-0:9.4.2-1.el5.i386", "product_id": "acroread-0:9.4.2-1.el5.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/acroread@9.4.2-1.el5?arch=i386" } } }, { "category": "product_version", "name": "acroread-plugin-0:9.4.2-1.el5.i386", "product": { "name": "acroread-plugin-0:9.4.2-1.el5.i386", "product_id": "acroread-plugin-0:9.4.2-1.el5.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/acroread-plugin@9.4.2-1.el5?arch=i386" } } } ], "category": "architecture", "name": "i386" }, { "branches": [ { "category": "product_version", "name": "acroread-plugin-0:9.4.2-3.el6_0.i686", "product": { "name": "acroread-plugin-0:9.4.2-3.el6_0.i686", "product_id": "acroread-plugin-0:9.4.2-3.el6_0.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/acroread-plugin@9.4.2-3.el6_0?arch=i686" } } }, { "category": "product_version", "name": "acroread-0:9.4.2-3.el6_0.i686", "product": { "name": "acroread-0:9.4.2-3.el6_0.i686", "product_id": "acroread-0:9.4.2-3.el6_0.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/acroread@9.4.2-3.el6_0?arch=i686" } } } ], "category": "architecture", "name": "i686" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "acroread-0:9.4.2-1.el4.i386 as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:acroread-0:9.4.2-1.el4.i386" }, "product_reference": "acroread-0:9.4.2-1.el4.i386", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "acroread-plugin-0:9.4.2-1.el4.i386 as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386" }, "product_reference": "acroread-plugin-0:9.4.2-1.el4.i386", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "acroread-0:9.4.2-1.el4.i386 as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386" }, "product_reference": "acroread-0:9.4.2-1.el4.i386", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "acroread-plugin-0:9.4.2-1.el4.i386 as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386" }, "product_reference": "acroread-plugin-0:9.4.2-1.el4.i386", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "acroread-0:9.4.2-1.el4.i386 as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:acroread-0:9.4.2-1.el4.i386" }, "product_reference": "acroread-0:9.4.2-1.el4.i386", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "acroread-plugin-0:9.4.2-1.el4.i386 as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386" }, "product_reference": "acroread-plugin-0:9.4.2-1.el4.i386", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "acroread-0:9.4.2-1.el4.i386 as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:acroread-0:9.4.2-1.el4.i386" }, "product_reference": "acroread-0:9.4.2-1.el4.i386", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "acroread-plugin-0:9.4.2-1.el4.i386 as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386" }, "product_reference": "acroread-plugin-0:9.4.2-1.el4.i386", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "acroread-0:9.4.2-1.el5.i386 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386" }, "product_reference": "acroread-0:9.4.2-1.el5.i386", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "acroread-plugin-0:9.4.2-1.el5.i386 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386" }, "product_reference": "acroread-plugin-0:9.4.2-1.el5.i386", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "acroread-0:9.4.2-1.el5.i386 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386" }, "product_reference": "acroread-0:9.4.2-1.el5.i386", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "acroread-plugin-0:9.4.2-1.el5.i386 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386" }, "product_reference": "acroread-plugin-0:9.4.2-1.el5.i386", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "acroread-0:9.4.2-3.el6_0.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686" }, "product_reference": "acroread-0:9.4.2-3.el6_0.i686", "relates_to_product_reference": "6Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "acroread-plugin-0:9.4.2-3.el6_0.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" }, "product_reference": "acroread-plugin-0:9.4.2-3.el6_0.i686", "relates_to_product_reference": "6Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "acroread-0:9.4.2-3.el6_0.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686" }, "product_reference": "acroread-0:9.4.2-3.el6_0.i686", "relates_to_product_reference": "6Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "acroread-plugin-0:9.4.2-3.el6_0.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" }, "product_reference": "acroread-plugin-0:9.4.2-3.el6_0.i686", "relates_to_product_reference": "6Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "acroread-0:9.4.2-3.el6_0.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686" }, "product_reference": "acroread-0:9.4.2-3.el6_0.i686", "relates_to_product_reference": "6Workstation-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "acroread-plugin-0:9.4.2-3.el6_0.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" }, "product_reference": "acroread-plugin-0:9.4.2-3.el6_0.i686", "relates_to_product_reference": "6Workstation-Supplementary" } ] }, "vulnerabilities": [ { "cve": "CVE-2011-0562", "discovery_date": "2011-02-08T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "676157" } ], "notes": [ { "category": "description", "text": "Untrusted search path vulnerability in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows allows local users to gain privileges via a Trojan horse DLL in the current working directory, a different vulnerability than CVE-2011-0570 and CVE-2011-0588.", "title": "Vulnerability description" }, { "category": "summary", "text": "acroread: critical APSB11-03", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2011-0562" }, { "category": "external", "summary": "RHBZ#676157", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=676157" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2011-0562", "url": "https://www.cve.org/CVERecord?id=CVE-2011-0562" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-0562", "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-0562" } ], "release_date": "2011-02-08T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2011-02-23T21:16:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259", "product_ids": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2011:0301" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "acroread: critical APSB11-03" }, { "cve": "CVE-2011-0563", "discovery_date": "2011-02-08T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "676157" } ], "notes": [ { "category": "description", "text": "Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0589 and CVE-2011-0606.", "title": "Vulnerability description" }, { "category": "summary", "text": "acroread: critical APSB11-03", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2011-0563" }, { "category": "external", "summary": "RHBZ#676157", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=676157" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2011-0563", "url": "https://www.cve.org/CVERecord?id=CVE-2011-0563" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-0563", "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-0563" } ], "release_date": "2011-02-08T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2011-02-23T21:16:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259", "product_ids": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2011:0301" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "acroread: critical APSB11-03" }, { "cve": "CVE-2011-0565", "discovery_date": "2011-02-08T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "676157" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allows attackers to cause a denial of service or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0585.", "title": "Vulnerability description" }, { "category": "summary", "text": "acroread: critical APSB11-03", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2011-0565" }, { "category": "external", "summary": "RHBZ#676157", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=676157" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2011-0565", "url": "https://www.cve.org/CVERecord?id=CVE-2011-0565" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-0565", "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-0565" } ], "release_date": "2011-02-08T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2011-02-23T21:16:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259", "product_ids": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2011:0301" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "acroread: critical APSB11-03" }, { "cve": "CVE-2011-0566", "discovery_date": "2011-02-08T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "676157" } ], "notes": [ { "category": "description", "text": "Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted image, a different vulnerability than CVE-2011-0567 and CVE-2011-0603.", "title": "Vulnerability description" }, { "category": "summary", "text": "acroread: critical APSB11-03", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2011-0566" }, { "category": "external", "summary": "RHBZ#676157", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=676157" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2011-0566", "url": "https://www.cve.org/CVERecord?id=CVE-2011-0566" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-0566", "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-0566" } ], "release_date": "2011-02-08T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2011-02-23T21:16:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259", "product_ids": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2011:0301" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "acroread: critical APSB11-03" }, { "cve": "CVE-2011-0567", "discovery_date": "2011-02-08T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "676157" } ], "notes": [ { "category": "description", "text": "AcroRd32.dll in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted image that triggers an incorrect pointer calculation, leading to heap memory corruption, a different vulnerability than CVE-2011-0566 and CVE-2011-0603.", "title": "Vulnerability description" }, { "category": "summary", "text": "acroread: critical APSB11-03", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2011-0567" }, { "category": "external", "summary": "RHBZ#676157", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=676157" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2011-0567", "url": "https://www.cve.org/CVERecord?id=CVE-2011-0567" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-0567", "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-0567" } ], "release_date": "2011-02-08T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2011-02-23T21:16:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259", "product_ids": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2011:0301" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "acroread: critical APSB11-03" }, { "cve": "CVE-2011-0585", "discovery_date": "2011-02-08T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "676157" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allows attackers to cause a denial of service or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0565.", "title": "Vulnerability description" }, { "category": "summary", "text": "acroread: critical APSB11-03", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2011-0585" }, { "category": "external", "summary": "RHBZ#676157", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=676157" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2011-0585", "url": "https://www.cve.org/CVERecord?id=CVE-2011-0585" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-0585", "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-0585" } ], "release_date": "2011-02-08T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2011-02-23T21:16:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259", "product_ids": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2011:0301" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "acroread: critical APSB11-03" }, { "cve": "CVE-2011-0586", "discovery_date": "2011-02-08T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "676157" } ], "notes": [ { "category": "description", "text": "Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X do not properly validate unspecified input data, which allows attackers to execute arbitrary code via unknown vectors.", "title": "Vulnerability description" }, { "category": "summary", "text": "acroread: critical APSB11-03", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2011-0586" }, { "category": "external", "summary": "RHBZ#676157", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=676157" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2011-0586", "url": "https://www.cve.org/CVERecord?id=CVE-2011-0586" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-0586", "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-0586" } ], "release_date": "2011-02-08T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2011-02-23T21:16:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259", "product_ids": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2011:0301" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "acroread: critical APSB11-03" }, { "cve": "CVE-2011-0587", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2011-02-08T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "676158" } ], "notes": [ { "category": "description", "text": "Cross-site scripting (XSS) vulnerability in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2011-0604.", "title": "Vulnerability description" }, { "category": "summary", "text": "acroread: multiple XSS flaws (APSB11-03)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2011-0587" }, { "category": "external", "summary": "RHBZ#676158", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=676158" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2011-0587", "url": "https://www.cve.org/CVERecord?id=CVE-2011-0587" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-0587", "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-0587" } ], "release_date": "2011-02-08T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2011-02-23T21:16:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259", "product_ids": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2011:0301" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "acroread: multiple XSS flaws (APSB11-03)" }, { "cve": "CVE-2011-0589", "discovery_date": "2011-02-08T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "676157" } ], "notes": [ { "category": "description", "text": "Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0563 and CVE-2011-0606.", "title": "Vulnerability description" }, { "category": "summary", "text": "acroread: critical APSB11-03", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2011-0589" }, { "category": "external", "summary": "RHBZ#676157", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=676157" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2011-0589", "url": "https://www.cve.org/CVERecord?id=CVE-2011-0589" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-0589", "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-0589" } ], "release_date": "2011-02-08T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2011-02-23T21:16:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259", "product_ids": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2011:0301" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "acroread: critical APSB11-03" }, { "cve": "CVE-2011-0590", "discovery_date": "2011-02-08T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "676157" } ], "notes": [ { "category": "description", "text": "Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via a 3D file, a different vulnerability than CVE-2011-0591, CVE-2011-0592, CVE-2011-0593, CVE-2011-0595, and CVE-2011-0600.", "title": "Vulnerability description" }, { "category": "summary", "text": "acroread: critical APSB11-03", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2011-0590" }, { "category": "external", "summary": "RHBZ#676157", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=676157" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2011-0590", "url": "https://www.cve.org/CVERecord?id=CVE-2011-0590" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-0590", "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-0590" } ], "release_date": "2011-02-08T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2011-02-23T21:16:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259", "product_ids": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2011:0301" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "acroread: critical APSB11-03" }, { "cve": "CVE-2011-0591", "discovery_date": "2011-02-08T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "676157" } ], "notes": [ { "category": "description", "text": "Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via a crafted Universal 3D (U3D) file that triggers a buffer overflow during decompression, related to Texture and rgba, a different vulnerability than CVE-2011-0590, CVE-2011-0592, CVE-2011-0593, CVE-2011-0595, and CVE-2011-0600.", "title": "Vulnerability description" }, { "category": "summary", "text": "acroread: critical APSB11-03", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2011-0591" }, { "category": "external", "summary": "RHBZ#676157", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=676157" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2011-0591", "url": "https://www.cve.org/CVERecord?id=CVE-2011-0591" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-0591", "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-0591" } ], "release_date": "2011-02-08T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2011-02-23T21:16:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259", "product_ids": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2011:0301" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "acroread: critical APSB11-03" }, { "cve": "CVE-2011-0592", "discovery_date": "2011-02-08T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "676157" } ], "notes": [ { "category": "description", "text": "Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via a crafted Universal 3D (U3D) file that triggers a buffer overflow during decompression, related to \"Texture bmp,\" a different vulnerability than CVE-2011-0590, CVE-2011-0591, CVE-2011-0593, CVE-2011-0595, and CVE-2011-0600.", "title": "Vulnerability description" }, { "category": "summary", "text": "acroread: critical APSB11-03", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2011-0592" }, { "category": "external", "summary": "RHBZ#676157", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=676157" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2011-0592", "url": "https://www.cve.org/CVERecord?id=CVE-2011-0592" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-0592", "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-0592" } ], "release_date": "2011-02-08T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2011-02-23T21:16:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259", "product_ids": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2011:0301" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "acroread: critical APSB11-03" }, { "cve": "CVE-2011-0593", "discovery_date": "2011-02-08T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "676157" } ], "notes": [ { "category": "description", "text": "Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via a crafted Universal 3D (U3D) file that triggers a buffer overflow during decompression, a different vulnerability than CVE-2011-0590, CVE-2011-0591, CVE-2011-0592, CVE-2011-0595, and CVE-2011-0600.", "title": "Vulnerability description" }, { "category": "summary", "text": "acroread: critical APSB11-03", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2011-0593" }, { "category": "external", "summary": "RHBZ#676157", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=676157" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2011-0593", "url": "https://www.cve.org/CVERecord?id=CVE-2011-0593" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-0593", "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-0593" } ], "release_date": "2011-02-08T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2011-02-23T21:16:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259", "product_ids": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2011:0301" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "acroread: critical APSB11-03" }, { "cve": "CVE-2011-0594", "discovery_date": "2011-02-08T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "676157" } ], "notes": [ { "category": "description", "text": "Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via a font.", "title": "Vulnerability description" }, { "category": "summary", "text": "acroread: critical APSB11-03", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2011-0594" }, { "category": "external", "summary": "RHBZ#676157", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=676157" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2011-0594", "url": "https://www.cve.org/CVERecord?id=CVE-2011-0594" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-0594", "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-0594" } ], "release_date": "2011-02-08T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2011-02-23T21:16:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259", "product_ids": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2011:0301" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "acroread: critical APSB11-03" }, { "cve": "CVE-2011-0595", "discovery_date": "2011-02-08T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "676157" } ], "notes": [ { "category": "description", "text": "Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via a crafted Universal 3D (U3D) file that triggers a buffer overflow during decompression, a different vulnerability than CVE-2011-0590, CVE-2011-0591, CVE-2011-0592, CVE-2011-0593, and CVE-2011-0600.", "title": "Vulnerability description" }, { "category": "summary", "text": "acroread: critical APSB11-03", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2011-0595" }, { "category": "external", "summary": "RHBZ#676157", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=676157" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2011-0595", "url": "https://www.cve.org/CVERecord?id=CVE-2011-0595" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-0595", "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-0595" } ], "release_date": "2011-02-08T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2011-02-23T21:16:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259", "product_ids": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2011:0301" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "acroread: critical APSB11-03" }, { "cve": "CVE-2011-0596", "discovery_date": "2011-02-08T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "676157" } ], "notes": [ { "category": "description", "text": "The Bitmap parsing component in 2d.dll in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via an image with crafted (1) height and (2) width values for an RLE_8 compressed bitmap, which triggers a heap-based buffer overflow, a different vulnerability than CVE-2011-0598, CVE-2011-0599, and CVE-2011-0602.", "title": "Vulnerability description" }, { "category": "summary", "text": "acroread: critical APSB11-03", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2011-0596" }, { "category": "external", "summary": "RHBZ#676157", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=676157" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2011-0596", "url": "https://www.cve.org/CVERecord?id=CVE-2011-0596" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-0596", "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-0596" } ], "release_date": "2011-02-08T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2011-02-23T21:16:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259", "product_ids": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2011:0301" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "acroread: critical APSB11-03" }, { "cve": "CVE-2011-0598", "discovery_date": "2011-02-08T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "676157" } ], "notes": [ { "category": "description", "text": "Integer overflow in ACE.dll in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allows remote attackers to execute arbitrary code via crafted ICC data, a different vulnerability than CVE-2011-0596, CVE-2011-0599, and CVE-2011-0602.", "title": "Vulnerability description" }, { "category": "summary", "text": "acroread: critical APSB11-03", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2011-0598" }, { "category": "external", "summary": "RHBZ#676157", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=676157" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2011-0598", "url": "https://www.cve.org/CVERecord?id=CVE-2011-0598" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-0598", "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-0598" } ], "release_date": "2011-02-08T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2011-02-23T21:16:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259", "product_ids": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2011:0301" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "acroread: critical APSB11-03" }, { "cve": "CVE-2011-0599", "discovery_date": "2011-02-08T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "676157" } ], "notes": [ { "category": "description", "text": "The Bitmap parsing component in rt3d.dll in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via a crafted image that causes an invalid pointer calculation related to 4/8-bit RLE compression, a different vulnerability than CVE-2011-0596, CVE-2011-0598, and CVE-2011-0602.", "title": "Vulnerability description" }, { "category": "summary", "text": "acroread: critical APSB11-03", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2011-0599" }, { "category": "external", "summary": "RHBZ#676157", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=676157" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2011-0599", "url": "https://www.cve.org/CVERecord?id=CVE-2011-0599" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-0599", "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-0599" } ], "release_date": "2011-02-08T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2011-02-23T21:16:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259", "product_ids": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2011:0301" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "acroread: critical APSB11-03" }, { "cve": "CVE-2011-0600", "discovery_date": "2011-02-08T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "676157" } ], "notes": [ { "category": "description", "text": "The U3D component in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via a 3D file with an invalid Parent Node count that triggers an incorrect size calculation and memory corruption, a different vulnerability than CVE-2011-0590, CVE-2011-0591, CVE-2011-0592, CVE-2011-0593, and CVE-2011-0595.", "title": "Vulnerability description" }, { "category": "summary", "text": "acroread: critical APSB11-03", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2011-0600" }, { "category": "external", "summary": "RHBZ#676157", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=676157" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2011-0600", "url": "https://www.cve.org/CVERecord?id=CVE-2011-0600" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-0600", "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-0600" } ], "release_date": "2011-02-08T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2011-02-23T21:16:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259", "product_ids": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2011:0301" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "acroread: critical APSB11-03" }, { "cve": "CVE-2011-0602", "discovery_date": "2011-02-08T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "676157" } ], "notes": [ { "category": "description", "text": "Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via crafted JP2K record types in a JPEG2000 image in a PDF file, which causes heap corruption, a different vulnerability than CVE-2011-0596, CVE-2011-0598, and CVE-2011-0599.", "title": "Vulnerability description" }, { "category": "summary", "text": "acroread: critical APSB11-03", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2011-0602" }, { "category": "external", "summary": "RHBZ#676157", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=676157" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2011-0602", "url": "https://www.cve.org/CVERecord?id=CVE-2011-0602" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-0602", "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-0602" } ], "release_date": "2011-02-08T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2011-02-23T21:16:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259", "product_ids": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2011:0301" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "acroread: critical APSB11-03" }, { "cve": "CVE-2011-0603", "discovery_date": "2011-02-08T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "676157" } ], "notes": [ { "category": "description", "text": "Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted image, a different vulnerability than CVE-2011-0566 and CVE-2011-0567.", "title": "Vulnerability description" }, { "category": "summary", "text": "acroread: critical APSB11-03", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2011-0603" }, { "category": "external", "summary": "RHBZ#676157", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=676157" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2011-0603", "url": "https://www.cve.org/CVERecord?id=CVE-2011-0603" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-0603", "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-0603" } ], "release_date": "2011-02-08T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2011-02-23T21:16:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259", "product_ids": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2011:0301" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "acroread: critical APSB11-03" }, { "cve": "CVE-2011-0604", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2011-02-08T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "676158" } ], "notes": [ { "category": "description", "text": "Cross-site scripting (XSS) vulnerability in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2011-0587.", "title": "Vulnerability description" }, { "category": "summary", "text": "acroread: multiple XSS flaws (APSB11-03)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2011-0604" }, { "category": "external", "summary": "RHBZ#676158", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=676158" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2011-0604", "url": "https://www.cve.org/CVERecord?id=CVE-2011-0604" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-0604", "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-0604" } ], "release_date": "2011-02-08T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2011-02-23T21:16:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259", "product_ids": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2011:0301" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "acroread: multiple XSS flaws (APSB11-03)" }, { "cve": "CVE-2011-0606", "discovery_date": "2011-02-08T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "676157" } ], "notes": [ { "category": "description", "text": "Stack-based buffer overflow in rt3d.dll in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors related to a crafted length value, a different vulnerability than CVE-2011-0563 and CVE-2011-0589.", "title": "Vulnerability description" }, { "category": "summary", "text": "acroread: critical APSB11-03", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2011-0606" }, { "category": "external", "summary": "RHBZ#676157", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=676157" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2011-0606", "url": "https://www.cve.org/CVERecord?id=CVE-2011-0606" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-0606", "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-0606" } ], "release_date": "2011-02-08T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2011-02-23T21:16:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259", "product_ids": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2011:0301" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "acroread: critical APSB11-03" } ] }
ghsa-3997-cwm3-9wpp
Vulnerability from github
Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via a font.
{ "affected": [], "aliases": [ "CVE-2011-0594" ], "database_specific": { "cwe_ids": [ "CWE-20" ], "github_reviewed": false, "github_reviewed_at": null, "nvd_published_at": "2011-02-10T18:00:00Z", "severity": "HIGH" }, "details": "Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via a font.", "id": "GHSA-3997-cwm3-9wpp", "modified": "2022-05-14T02:18:21Z", "published": "2022-05-14T02:18:21Z", "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-0594" }, { "type": "WEB", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65299" }, { "type": "WEB", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12444" }, { "type": "WEB", "url": "http://secunia.com/advisories/43470" }, { "type": "WEB", "url": "http://www.adobe.com/support/security/bulletins/apsb11-03.html" }, { "type": "WEB", "url": "http://www.redhat.com/support/errata/RHSA-2011-0301.html" }, { "type": "WEB", "url": "http://www.securityfocus.com/bid/46216" }, { "type": "WEB", "url": "http://www.securitytracker.com/id?1025033" }, { "type": "WEB", "url": "http://www.vupen.com/english/advisories/2011/0337" }, { "type": "WEB", "url": "http://www.vupen.com/english/advisories/2011/0492" } ], "schema_version": "1.4.0", "severity": [] }
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.