ID CVE-2011-0598
Summary Integer overflow in ACE.dll in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allows remote attackers to execute arbitrary code via crafted ICC data, a different vulnerability than CVE-2011-0596, CVE-2011-0599, and CVE-2011-0602.
References
Vulnerable Configurations
  • cpe:2.3:a:adobe:acrobat_reader:8.0:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:acrobat_reader:8.0:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:acrobat_reader:8.1:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:acrobat_reader:8.1:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:acrobat_reader:8.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:acrobat_reader:8.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:acrobat_reader:8.1.2:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:acrobat_reader:8.1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:acrobat_reader:8.1.4:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:acrobat_reader:8.1.4:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:acrobat_reader:8.1.5:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:acrobat_reader:8.1.5:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:acrobat_reader:8.1.6:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:acrobat_reader:8.1.6:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:acrobat_reader:8.1.7:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:acrobat_reader:8.1.7:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:acrobat_reader:8.2:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:acrobat_reader:8.2:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:acrobat_reader:8.2.1:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:acrobat_reader:8.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:acrobat_reader:8.2.2:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:acrobat_reader:8.2.2:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:acrobat_reader:8.2.3:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:acrobat_reader:8.2.3:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:acrobat_reader:8.2.4:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:acrobat_reader:8.2.4:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:acrobat_reader:9.0:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:acrobat_reader:9.0:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:acrobat_reader:9.1:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:acrobat_reader:9.1:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:acrobat_reader:9.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:acrobat_reader:9.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:acrobat_reader:9.1.2:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:acrobat_reader:9.1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:acrobat_reader:9.1.3:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:acrobat_reader:9.1.3:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:acrobat_reader:9.2:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:acrobat_reader:9.2:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:acrobat_reader:9.3:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:acrobat_reader:9.3:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:acrobat_reader:9.3.1:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:acrobat_reader:9.3.1:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:acrobat_reader:9.3.2:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:acrobat_reader:9.3.2:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:acrobat_reader:9.3.3:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:acrobat_reader:9.3.3:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:acrobat_reader:9.3.4:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:acrobat_reader:9.3.4:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:acrobat_reader:9.4:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:acrobat_reader:9.4:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:acrobat_reader:9.4.1:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:acrobat_reader:9.4.1:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:acrobat_reader:10.0:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:acrobat_reader:10.0:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
    cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*
    cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:acrobat:8.0:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:acrobat:8.0:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:acrobat:8.1:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:acrobat:8.1:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:acrobat:8.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:acrobat:8.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:acrobat:8.1.2:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:acrobat:8.1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:acrobat:8.1.3:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:acrobat:8.1.3:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:acrobat:8.1.4:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:acrobat:8.1.4:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:acrobat:8.1.5:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:acrobat:8.1.5:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:acrobat:8.1.6:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:acrobat:8.1.6:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:acrobat:8.1.7:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:acrobat:8.1.7:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:acrobat:8.2:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:acrobat:8.2:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:acrobat:8.2.1:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:acrobat:8.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:acrobat:8.2.2:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:acrobat:8.2.2:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:acrobat:8.2.3:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:acrobat:8.2.3:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:acrobat:8.2.4:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:acrobat:8.2.4:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:acrobat:9.0:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:acrobat:9.0:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:acrobat:9.1:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:acrobat:9.1:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:acrobat:9.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:acrobat:9.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:acrobat:9.1.2:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:acrobat:9.1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:acrobat:9.1.3:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:acrobat:9.1.3:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:acrobat:9.2:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:acrobat:9.2:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:acrobat:9.3:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:acrobat:9.3:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:acrobat:9.3.1:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:acrobat:9.3.1:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:acrobat:9.3.2:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:acrobat:9.3.2:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:acrobat:9.3.3:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:acrobat:9.3.3:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:acrobat:9.3.4:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:acrobat:9.3.4:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:acrobat:9.4:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:acrobat:9.4:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:acrobat:9.4.1:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:acrobat:9.4.1:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:acrobat:10.0:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:acrobat:10.0:*:*:*:*:*:*:*
CVSS
Base: 9.3 (as of 30-10-2018 - 16:25)
Impact:
Exploitability:
CWE CWE-189
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:N/AC:M/Au:N/C:C/I:C/A:C
oval via4
accepted 2013-06-10T04:00:07.119-04:00
class vulnerability
contributors
  • name SecPod Team
    organization SecPod Technologies
  • name Sergey Artykhov
    organization ALTX-SOFT
  • name Sergey Artykhov
    organization ALTX-SOFT
  • name Sergey Artykhov
    organization ALTX-SOFT
  • name Shane Shaffer
    organization G2, Inc.
  • name Sergey Artykhov
    organization ALTX-SOFT
definition_extensions
  • comment Adobe Acrobat 10.x is installed
    oval oval:org.mitre.oval:def:11989
  • comment Adobe Reader 10.x is installed
    oval oval:org.mitre.oval:def:12283
  • comment Adobe Acrobat 9 Series is installed
    oval oval:org.mitre.oval:def:6013
  • comment Adobe Reader 9 Series is installed
    oval oval:org.mitre.oval:def:6523
  • comment Adobe Reader 8 Series is installed
    oval oval:org.mitre.oval:def:6390
  • comment Adobe Acrobat 8 Series is installed
    oval oval:org.mitre.oval:def:6452
description Integer overflow in ACE.dll in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allows remote attackers to execute arbitrary code via crafted ICC data, a different vulnerability than CVE-2011-0596, CVE-2011-0599, and CVE-2011-0602.
family windows
id oval:org.mitre.oval:def:12081
status accepted
submitted 2011-03-28T16:14:59
title Integer overflow vulnerability in ACE.dll of Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6
version 14
redhat via4
advisories
rhsa
id RHSA-2011:0301
refmap via4
bid 46219
bugtraq 20110208 ZDI-11-073: Adobe Reader ICC Parsing Remote Code Execution Vulnerability
confirm http://www.adobe.com/support/security/bulletins/apsb11-03.html
misc http://www.zerodayinitiative.com/advisories/ZDI-11-073/
sectrack 1025033
secunia 43470
vupen
  • ADV-2011-0337
  • ADV-2011-0492
xf adobe-reader-ace-bo(65302)
Last major update 30-10-2018 - 16:25
Published 10-02-2011 - 18:00
Back to Top