Action not permitted
Modal body text goes here.
Modal Title
Modal Body
cve-2011-2462
Vulnerability from cvelistv5
CISA Known exploited vulnerability
Data from the Known Exploited Vulnerabilities Catalog
Date added: 2022-06-08
Due date: 2022-06-22
Required action: Apply updates per vendor instructions.
Used in ransomware: Unknown
Notes: https://nvd.nist.gov/vuln/detail/CVE-2011-2462
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T23:00:33.994Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "openSUSE-SU-2012:0087", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00020.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.adobe.com/support/security/bulletins/apsb12-01.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.adobe.com/support/security/advisories/apsa11-04.html" }, { "name": "RHSA-2012:0011", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2012-0011.html" }, { "name": "SUSE-SU-2012:0086", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00019.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.adobe.com/support/security/bulletins/apsb11-30.html" }, { "name": "oval:org.mitre.oval:def:14562", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14562" }, { "name": "TA11-350A", "tags": [ "third-party-advisory", "x_refsource_CERT", "x_transferred" ], "url": "http://www.us-cert.gov/cas/techalerts/TA11-350A.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2011-12-06T00:00:00", "descriptions": [ { "lang": "en", "value": "Unspecified vulnerability in the U3D component in Adobe Reader and Acrobat 10.1.1 and earlier on Windows and Mac OS X, and Adobe Reader 9.x through 9.4.6 on UNIX, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, as exploited in the wild in December 2011." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-09-18T12:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "openSUSE-SU-2012:0087", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00020.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.adobe.com/support/security/bulletins/apsb12-01.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.adobe.com/support/security/advisories/apsa11-04.html" }, { "name": "RHSA-2012:0011", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2012-0011.html" }, { "name": "SUSE-SU-2012:0086", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00019.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.adobe.com/support/security/bulletins/apsb11-30.html" }, { "name": "oval:org.mitre.oval:def:14562", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14562" }, { "name": "TA11-350A", "tags": [ "third-party-advisory", "x_refsource_CERT" ], "url": "http://www.us-cert.gov/cas/techalerts/TA11-350A.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2011-2462", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Unspecified vulnerability in the U3D component in Adobe Reader and Acrobat 10.1.1 and earlier on Windows and Mac OS X, and Adobe Reader 9.x through 9.4.6 on UNIX, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, as exploited in the wild in December 2011." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "openSUSE-SU-2012:0087", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00020.html" }, { "name": "http://www.adobe.com/support/security/bulletins/apsb12-01.html", "refsource": "CONFIRM", "url": "http://www.adobe.com/support/security/bulletins/apsb12-01.html" }, { "name": "http://www.adobe.com/support/security/advisories/apsa11-04.html", "refsource": "CONFIRM", "url": "http://www.adobe.com/support/security/advisories/apsa11-04.html" }, { "name": "RHSA-2012:0011", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2012-0011.html" }, { "name": "SUSE-SU-2012:0086", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00019.html" }, { "name": "http://www.adobe.com/support/security/bulletins/apsb11-30.html", "refsource": "CONFIRM", "url": "http://www.adobe.com/support/security/bulletins/apsb11-30.html" }, { "name": "oval:org.mitre.oval:def:14562", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14562" }, { "name": "TA11-350A", "refsource": "CERT", "url": "http://www.us-cert.gov/cas/techalerts/TA11-350A.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2011-2462", "datePublished": "2011-12-07T19:00:00", "dateReserved": "2011-06-06T00:00:00", "dateUpdated": "2024-08-06T23:00:33.994Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "meta": { "cisa_known_exploited": { "cveID": "CVE-2011-2462", "cwes": "[\"CWE-787\"]", "dateAdded": "2022-06-08", "dueDate": "2022-06-22", "knownRansomwareCampaignUse": "Unknown", "notes": "https://nvd.nist.gov/vuln/detail/CVE-2011-2462", "product": "Acrobat and Reader", "requiredAction": "Apply updates per vendor instructions.", "shortDescription": "The Universal 3D (U3D) component in Adobe Acrobat and Reader contains a memory corruption vulnerability which could allow remote attackers to execute code or cause denial-of-service (DoS).", "vendorProject": "Adobe", "vulnerabilityName": "Adobe Acrobat and Reader Universal 3D Memory Corruption Vulnerability" }, "nvd": "{\"cve\":{\"id\":\"CVE-2011-2462\",\"sourceIdentifier\":\"psirt@adobe.com\",\"published\":\"2011-12-07T19:55:01.673\",\"lastModified\":\"2024-12-20T14:47:10.930\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Unspecified vulnerability in the U3D component in Adobe Reader and Acrobat 10.1.1 and earlier on Windows and Mac OS X, and Adobe Reader 9.x through 9.4.6 on UNIX, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, as exploited in the wild in December 2011.\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad no especificada en el componente de U3D en Adobe Reader y Acrobat v10.1.1 y versiones anteriores para Windows y Mac OS X, y Adobe Reader v9.x hasta v9.4.6 en UNIX, permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n o causar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores desconocidos, explotado \\\"in the wild\\\" en diciembre de 2011.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":10.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"cisaExploitAdd\":\"2022-06-08\",\"cisaActionDue\":\"2022-06-22\",\"cisaRequiredAction\":\"Apply updates per vendor instructions.\",\"cisaVulnerabilityName\":\"Adobe Acrobat and Reader Universal 3D Memory Corruption Vulnerability\",\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-787\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"10.1.1\",\"matchCriteriaId\":\"A70868B3-F3C5-4DC0-9013-78E77F424109\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"10.1.1\",\"matchCriteriaId\":\"68D60103-B447-48D2-9B52-81DEA719CEBE\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4781BF1E-8A4E-4AFF-9540-23D523EE30DD\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A2572D17-1DE6-457B-99CC-64AFD54487EA\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"9.0\",\"versionEndIncluding\":\"9.4.6\",\"matchCriteriaId\":\"0142C12E-A8F0-4E88-AECE-88F068E5E874\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:opengroup:unix:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6A90CB3A-9BE7-475C-9E75-6ECAD2106302\"}]}]}],\"references\":[{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00019.html\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00020.html\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.adobe.com/support/security/advisories/apsa11-04.html\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.adobe.com/support/security/bulletins/apsb11-30.html\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Not Applicable\"]},{\"url\":\"http://www.adobe.com/support/security/bulletins/apsb12-01.html\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Not Applicable\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2012-0011.html\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA11-350A.html\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14562\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00019.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00020.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.adobe.com/support/security/advisories/apsa11-04.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.adobe.com/support/security/bulletins/apsb11-30.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Not Applicable\"]},{\"url\":\"http://www.adobe.com/support/security/bulletins/apsb12-01.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Not Applicable\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2012-0011.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA11-350A.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14562\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]}]}}" } }
gsd-2011-2462
Vulnerability from gsd
{ "GSD": { "alias": "CVE-2011-2462", "description": "Unspecified vulnerability in the U3D component in Adobe Reader and Acrobat 10.1.1 and earlier on Windows and Mac OS X, and Adobe Reader 9.x through 9.4.6 on UNIX, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, as exploited in the wild in December 2011.", "id": "GSD-2011-2462", "references": [ "https://www.suse.com/security/cve/CVE-2011-2462.html", "https://access.redhat.com/errata/RHSA-2012:0011", "https://packetstormsecurity.com/files/cve/CVE-2011-2462" ] }, "gsd": { "metadata": { "exploitCode": "unknown", "remediation": "unknown", "reportConfidence": "confirmed", "type": "vulnerability" }, "osvSchema": { "aliases": [ "CVE-2011-2462" ], "details": "Unspecified vulnerability in the U3D component in Adobe Reader and Acrobat 10.1.1 and earlier on Windows and Mac OS X, and Adobe Reader 9.x through 9.4.6 on UNIX, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, as exploited in the wild in December 2011.", "id": "GSD-2011-2462", "modified": "2023-12-13T01:19:07.405981Z", "schema_version": "1.4.0" } }, "namespaces": { "cve.org": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2011-2462", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Unspecified vulnerability in the U3D component in Adobe Reader and Acrobat 10.1.1 and earlier on Windows and Mac OS X, and Adobe Reader 9.x through 9.4.6 on UNIX, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, as exploited in the wild in December 2011." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "openSUSE-SU-2012:0087", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00020.html" }, { "name": "http://www.adobe.com/support/security/bulletins/apsb12-01.html", "refsource": "CONFIRM", "url": "http://www.adobe.com/support/security/bulletins/apsb12-01.html" }, { "name": "http://www.adobe.com/support/security/advisories/apsa11-04.html", "refsource": "CONFIRM", "url": "http://www.adobe.com/support/security/advisories/apsa11-04.html" }, { "name": "RHSA-2012:0011", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2012-0011.html" }, { "name": "SUSE-SU-2012:0086", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00019.html" }, { "name": "http://www.adobe.com/support/security/bulletins/apsb11-30.html", "refsource": "CONFIRM", "url": "http://www.adobe.com/support/security/bulletins/apsb11-30.html" }, { "name": "oval:org.mitre.oval:def:14562", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14562" }, { "name": "TA11-350A", "refsource": "CERT", "url": "http://www.us-cert.gov/cas/techalerts/TA11-350A.html" } ] } }, "nvd.nist.gov": { "configurations": { "CVE_data_version": "4.0", "nodes": [ { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:10.0.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:10.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.1.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.3.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.3.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.1.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:7.0.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:7.1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:7.0.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:7.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:5.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:5.0.9:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:5.0.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:4.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:4.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.1.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.3.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.1.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.2.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.1.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.2.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:7.0.8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:7.0.9:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:6.0.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:6.0.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:5.0.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:5.0.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:4.0.5c:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:4.0.5a:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:10.0.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:10.0.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.4.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.1.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.3.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.1.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.2.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:7.0.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:7.0.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:7.0.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:6.0.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:6.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:5.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:4.0.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:3.02:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "10.1.1", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:10.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.4.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.4.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.4.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.3.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.1.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.1.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.2.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:7.0.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:7.0.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:6.0.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:6.0.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:5.0.11:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:5.0.10:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:3.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:3.01:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "10.1", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:10.0.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.3.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.3.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.2.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.1.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.2.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.2.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:7.0.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:7.0.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:7.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:7.0.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:6.0.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:6.0.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:4.0.5c:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:3.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.4.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:9:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.3.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.1.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.1.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.1.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.1.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:7.0.8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:7.0.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:7.1.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:7.1.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:6.0.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:6.0.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:4.0.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:4.0.5a:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:10.0.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:10.0.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.3.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.1.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.1.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.2.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:7.0.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:7.1.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:7.0.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:6.0.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:5.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:5.0.10:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:3.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:10.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.4.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.4.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.4.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.1.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.1.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.1.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:7.0.9:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:7.0.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:7.1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:7.1.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:6.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:6.0.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:5.0.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:5.0.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:4.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.4.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.3.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.3.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.3.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.3.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.1.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.1.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.4.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.3.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.1.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.4.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.4.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.1.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.4.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.4.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.3.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.4.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.4.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.3.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.4.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.4.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.1.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.1.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.4.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.4.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.3.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:o:unix:unix:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" } ] }, "cve": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2011-2462" }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "en", "value": "Unspecified vulnerability in the U3D component in Adobe Reader and Acrobat 10.1.1 and earlier on Windows and Mac OS X, and Adobe Reader 9.x through 9.4.6 on UNIX, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, as exploited in the wild in December 2011." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "en", "value": "NVD-CWE-noinfo" } ] } ] }, "references": { "reference_data": [ { "name": "http://www.adobe.com/support/security/advisories/apsa11-04.html", "refsource": "CONFIRM", "tags": [ "Vendor Advisory" ], "url": "http://www.adobe.com/support/security/advisories/apsa11-04.html" }, { "name": "http://www.adobe.com/support/security/bulletins/apsb11-30.html", "refsource": "CONFIRM", "tags": [], "url": "http://www.adobe.com/support/security/bulletins/apsb11-30.html" }, { "name": "http://www.adobe.com/support/security/bulletins/apsb12-01.html", "refsource": "CONFIRM", "tags": [], "url": "http://www.adobe.com/support/security/bulletins/apsb12-01.html" }, { "name": "SUSE-SU-2012:0086", "refsource": "SUSE", "tags": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00019.html" }, { "name": "RHSA-2012:0011", "refsource": "REDHAT", "tags": [], "url": "http://www.redhat.com/support/errata/RHSA-2012-0011.html" }, { "name": "openSUSE-SU-2012:0087", "refsource": "SUSE", "tags": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00020.html" }, { "name": "TA11-350A", "refsource": "CERT", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA11-350A.html" }, { "name": "oval:org.mitre.oval:def:14562", "refsource": "OVAL", "tags": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14562" } ] } }, "impact": { "baseMetricV2": { "cvssV2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false } }, "lastModifiedDate": "2017-09-19T01:33Z", "publishedDate": "2011-12-07T19:55Z" } } }
var-201112-0167
Vulnerability from variot
Unspecified vulnerability in the U3D component in Adobe Reader and Acrobat 10.1.1 and earlier on Windows and Mac OS X, and Adobe Reader 9.x through 9.4.6 on UNIX, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, as exploited in the wild in December 2011. ( Memory corruption ) A state vulnerability exists.Arbitrary code execution or denial of service by a third party ( Memory corruption ) It may be in a state. Adobe Acrobat and Reader are prone to a remote memory corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely cause denial-of-service conditions. Acrobat is a series of products aimed at enterprises, technicians and creative professionals launched in 1993, making the transmission and collaboration of intelligent documents more flexible, reliable and secure. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Critical: acroread security update Advisory ID: RHSA-2012:0011-01 Product: Red Hat Enterprise Linux Extras Advisory URL: https://rhn.redhat.com/errata/RHSA-2012-0011.html Issue date: 2012-01-10 CVE Names: CVE-2011-2462 CVE-2011-4369 =====================================================================
- Summary:
Updated acroread packages that fix two security issues are now available for Red Hat Enterprise Linux 4 Extras and Red Hat Enterprise Linux 5 and 6 Supplementary.
The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Relevant releases/architectures:
Red Hat Desktop version 4 Extras - i386, x86_64 Red Hat Enterprise Linux AS version 4 Extras - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux ES version 4 Extras - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux WS version 4 Extras - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
- Description:
Adobe Reader allows users to view and print documents in Portable Document Format (PDF). These flaws are detailed on the Adobe security page APSB11-30, listed in the References section. Solution:
Before applying this update, make sure all previously-released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/kb/docs/DOC-11259
- Package List:
Red Hat Enterprise Linux AS version 4 Extras:
i386: acroread-9.4.7-1.el4.i386.rpm acroread-plugin-9.4.7-1.el4.i386.rpm
x86_64: acroread-9.4.7-1.el4.i386.rpm
Red Hat Desktop version 4 Extras:
i386: acroread-9.4.7-1.el4.i386.rpm acroread-plugin-9.4.7-1.el4.i386.rpm
x86_64: acroread-9.4.7-1.el4.i386.rpm
Red Hat Enterprise Linux ES version 4 Extras:
i386: acroread-9.4.7-1.el4.i386.rpm acroread-plugin-9.4.7-1.el4.i386.rpm
x86_64: acroread-9.4.7-1.el4.i386.rpm
Red Hat Enterprise Linux WS version 4 Extras:
i386: acroread-9.4.7-1.el4.i386.rpm acroread-plugin-9.4.7-1.el4.i386.rpm
x86_64: acroread-9.4.7-1.el4.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386: acroread-9.4.7-1.el5.i386.rpm acroread-plugin-9.4.7-1.el5.i386.rpm
x86_64: acroread-9.4.7-1.el5.i386.rpm acroread-plugin-9.4.7-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386: acroread-9.4.7-1.el5.i386.rpm acroread-plugin-9.4.7-1.el5.i386.rpm
x86_64: acroread-9.4.7-1.el5.i386.rpm acroread-plugin-9.4.7-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386: acroread-9.4.7-1.el6.i686.rpm acroread-plugin-9.4.7-1.el6.i686.rpm
x86_64: acroread-9.4.7-1.el6.i686.rpm acroread-plugin-9.4.7-1.el6.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386: acroread-9.4.7-1.el6.i686.rpm acroread-plugin-9.4.7-1.el6.i686.rpm
x86_64: acroread-9.4.7-1.el6.i686.rpm acroread-plugin-9.4.7-1.el6.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386: acroread-9.4.7-1.el6.i686.rpm acroread-plugin-9.4.7-1.el6.i686.rpm
x86_64: acroread-9.4.7-1.el6.i686.rpm acroread-plugin-9.4.7-1.el6.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package
- References:
https://www.redhat.com/security/data/cve/CVE-2011-2462.html https://www.redhat.com/security/data/cve/CVE-2011-4369.html https://access.redhat.com/security/updates/classification/#critical http://www.adobe.com/support/security/bulletins/apsb11-30.html
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2012 Red Hat, Inc. Please review the CVE identifiers referenced below for details.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Reader users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=app-text/acroread-9.4.7"
References
[ 1 ] CVE-2010-4091 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4091 [ 2 ] CVE-2011-0562 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0562 [ 3 ] CVE-2011-0563 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0563 [ 4 ] CVE-2011-0565 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0565 [ 5 ] CVE-2011-0566 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0566 [ 6 ] CVE-2011-0567 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0567 [ 7 ] CVE-2011-0570 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0570 [ 8 ] CVE-2011-0585 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0585 [ 9 ] CVE-2011-0586 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0586 [ 10 ] CVE-2011-0587 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0587 [ 11 ] CVE-2011-0588 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0588 [ 12 ] CVE-2011-0589 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0589 [ 13 ] CVE-2011-0590 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0590 [ 14 ] CVE-2011-0591 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0591 [ 15 ] CVE-2011-0592 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0592 [ 16 ] CVE-2011-0593 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0593 [ 17 ] CVE-2011-0594 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0594 [ 18 ] CVE-2011-0595 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0595 [ 19 ] CVE-2011-0596 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0596 [ 20 ] CVE-2011-0598 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0598 [ 21 ] CVE-2011-0599 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0599 [ 22 ] CVE-2011-0600 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0600 [ 23 ] CVE-2011-0602 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0602 [ 24 ] CVE-2011-0603 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0603 [ 25 ] CVE-2011-0604 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0604 [ 26 ] CVE-2011-0605 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0605 [ 27 ] CVE-2011-0606 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0606 [ 28 ] CVE-2011-2130 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2130 [ 29 ] CVE-2011-2134 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2134 [ 30 ] CVE-2011-2135 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2135 [ 31 ] CVE-2011-2136 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2136 [ 32 ] CVE-2011-2137 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2137 [ 33 ] CVE-2011-2138 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2138 [ 34 ] CVE-2011-2139 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2139 [ 35 ] CVE-2011-2140 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2140 [ 36 ] CVE-2011-2414 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2414 [ 37 ] CVE-2011-2415 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2415 [ 38 ] CVE-2011-2416 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2416 [ 39 ] CVE-2011-2417 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2417 [ 40 ] CVE-2011-2424 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2424 [ 41 ] CVE-2011-2425 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2425 [ 42 ] CVE-2011-2431 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2431 [ 43 ] CVE-2011-2432 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2432 [ 44 ] CVE-2011-2433 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2433 [ 45 ] CVE-2011-2434 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2434 [ 46 ] CVE-2011-2435 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2435 [ 47 ] CVE-2011-2436 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2436 [ 48 ] CVE-2011-2437 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2437 [ 49 ] CVE-2011-2438 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2438 [ 50 ] CVE-2011-2439 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2439 [ 51 ] CVE-2011-2440 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2440 [ 52 ] CVE-2011-2441 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2441 [ 53 ] CVE-2011-2442 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2442 [ 54 ] CVE-2011-2462 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2462 [ 55 ] CVE-2011-4369 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4369
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201201-19.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2012 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 .
I. Description
Adobe Security Bulletin APSB11-30 and Adobe Security Advisory APSA11-04 describe a number of vulnerabilities affecting Adobe Reader and Acrobat. These vulnerabilities affect Reader and Acrobat 9.4.6 and earlier 9.x versions. These vulnerabilities also affect Reader X and Acrobat X 10.1.1 and earlier 10.x versions.
An attacker could exploit these vulnerabilities by convincing a user to open a specially crafted PDF file. The Adobe Reader browser plug-in, which can automatically open PDF documents hosted on a website, is available for multiple web browsers and operating systems.
Adobe Reader X and Adobe Acrobat X will be patched in the next quarterly update scheduled for January 10, 2012.
II. Impact
These vulnerabilities could allow a remote attacker to execute arbitrary code, write arbitrary files or folders to the file system, escalate local privileges, or cause a denial of service on an affected system as the result of a user opening a malicious PDF file.
III. Solution
Update Reader
Adobe has released updates to address this issue. Users are encouraged to read Adobe Security Bulletin APSB11-30 and update vulnerable versions of Adobe Reader and Acrobat.
In addition to updating, please consider the following mitigations.
Disable Flash in Adobe Reader and Acrobat
Disabling Flash in Adobe Reader will mitigate attacks that rely on Flash content embedded in a PDF file. Disabling 3D & Multimedia support does not directly address the vulnerability, but it does provide additional mitigation and results in a more user-friendly error message instead of a crash. To disable Flash and 3D & Multimedia support in Adobe Reader 9, delete, rename, or remove access to these files:
Microsoft Windows "%ProgramFiles%\Adobe\Reader 9.0\Reader\authplay.dll" "%ProgramFiles%\Adobe\Reader 9.0\Reader\rt3d.dll"
Apple Mac OS X "/Applications/Adobe Reader 9/Adobe Reader.app/Contents/Frameworks/AuthPlayLib.bundle" "/Applications/Adobe Reader 9/Adobe Reader.app/Contents/Frameworks/Adobe3D.framework"
GNU/Linux (locations may vary among distributions) "/opt/Adobe/Reader9/Reader/intellinux/lib/libauthplay.so" "/opt/Adobe/Reader9/Reader/intellinux/lib/librt3d.so"
File locations may be different for Adobe Acrobat or other Adobe products that include Flash and 3D & Multimedia support. Disabling these plugins will reduce functionality and will not protect against Flash content that is hosted on websites. Depending on the update schedule for products other than Flash Player, consider leaving Flash and 3D & Multimedia support disabled unless they are absolutely required. Acrobat JavaScript can be disabled using the Preferences menu (Edit -> Preferences -> JavaScript; uncheck Enable Acrobat JavaScript).
Adobe provides a framework to blacklist specific JavaScipt APIs. If JavaScript must be enabled, this framework may be useful when specific APIs are known to be vulnerable or used in attacks.
Prevent Internet Explorer from automatically opening PDF files
The installer for Adobe Reader and Acrobat configures Internet Explorer to automatically open PDF files without any user interaction. This behavior can be reverted to a safer option that prompts the user by importing the following as a .REG file:
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\AcroExch.Document.7] "EditFlags"=hex:00,00,00,00
Disable the display of PDF files in the web browser
Preventing PDF files from opening inside a web browser will partially mitigate this vulnerability. If this workaround is applied, it may also mitigate future vulnerabilities.
To prevent PDF files from automatically being opened in a web browser, do the following:
- Open the Edit menu.
- Choose the Preferences option.
- Choose the Internet section.
- Uncheck the "Display PDF in browser" checkbox. PDF documents that use the PRC format for 3D content will continue to function on Windows and Linux platforms.
To disable U3D support in Adobe Reader 9 on Microsoft Windows, delete or rename this file:
"%ProgramFiles%\Adobe\Reader 9.0\Reader\plug_ins3d\3difr.x3d"
For Apple Mac OS X, delete or rename this directory:
"/Applications/Adobe Reader 9/Adobe Reader.app/Contents/Frameworks/Adobe3D.framework"
For GNU/Linux, delete or rename this file (locations may vary among distributions):
"/opt/Adobe/Reader9/Reader/intellinux/plug_ins3d/3difr.x3d"
File locations may be different for Adobe Acrobat or other Adobe products or versions.
Do not access PDF files from untrusted sources
Do not open unfamiliar or unexpected PDF files, particularly those hosted on websites or delivered as email attachments. Please see Cyber Security Tip ST04-010.
IV. Please send email to cert@cert.org with "TA11-350A Feedback VU#759307" in the subject.
For instructions on subscribing to or unsubscribing from this mailing list, visit http://www.us-cert.gov/cas/signup.html.
Produced 2011 by US-CERT, a government organization.
Terms of use:
<http://www.us-cert.gov/legal.html>
Revision History
December 16, 2011: Initial release
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux)
iQEVAwUBTuuZnz/GkGVXE7GMAQIN8ggAjjQO8LOasl98uasGZW2J5SHfkKr675Mf ymRzBagFqO9QuId2RvFG2b9nuq5zdqETsrcG1t668wtYLUhBaoLmFXPe/KsDQ9n+ /p9PctVJFmJpV92S3kAHw+u4t1n/Aa/4IdK0oXNBDhkyXrp41F27LY+aQ8FWWuxZ lL4jXSUQ/gLgb6hOhLjRCsQtEhAcPbX/mPNxl6bACXZaOVZT88fz9M7JXryDiJWO uuFi3O2GT0Bd3fEsL57U/TSbq8SynadObMSj4/+Q1HmOHcD0L5gzd9/N4M3D1Emg y7aeUpgycY5eFefY3LVVkb7JkTUbEZHbuNHydFKIJDRlaXBAo+D0QQ== =rKM4 -----END PGP SIGNATURE-----
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201112-0167", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "acrobat reader", "scope": "gte", "trust": 1.0, "vendor": "adobe", "version": "9.0" }, { "model": "acrobat reader", "scope": "lte", "trust": 1.0, "vendor": "adobe", "version": "9.4.6" }, { "model": "acrobat", "scope": "lte", "trust": 1.0, "vendor": "adobe", "version": "10.1.1" }, { "model": "acrobat reader", "scope": "lte", "trust": 1.0, "vendor": "adobe", "version": "10.1.1" }, { "model": "acrobat", "scope": "eq", "trust": 0.9, "vendor": "adobe", "version": "9.4.6" }, { "model": "acrobat", "scope": "eq", "trust": 0.9, "vendor": "adobe", "version": "9.3.2" }, { "model": "acrobat", "scope": "eq", "trust": 0.9, "vendor": "adobe", "version": "9.3.1" }, { "model": "acrobat", "scope": "eq", "trust": 0.9, "vendor": "adobe", "version": "9.1.1" }, { "model": "acrobat", "scope": "eq", "trust": 0.9, "vendor": "adobe", "version": "9.3" }, { "model": "acrobat", "scope": "eq", "trust": 0.9, "vendor": "adobe", "version": "9.2" }, { "model": null, "scope": null, "trust": 0.8, "vendor": "adobe", "version": null }, { "model": "adobe reader", "scope": "eq", "trust": 0.8, "vendor": "\u30a2\u30c9\u30d3", "version": "x (10.1.1) earlier 10.x for windows macintosh" }, { "model": "adobe reader", "scope": "eq", "trust": 0.8, "vendor": "\u30a2\u30c9\u30d3", "version": "9.4.6 9.x previous s for macintosh" }, { "model": "adobe reader", "scope": "eq", "trust": 0.8, "vendor": "\u30a2\u30c9\u30d3", "version": "9.4.7 9.x previous s for windows" }, { "model": "adobe acrobat", "scope": null, "trust": 0.8, "vendor": "\u30a2\u30c9\u30d3", "version": null }, { "model": "acrobat", "scope": "eq", "trust": 0.6, "vendor": "adobe", "version": "9.1" }, { "model": "acrobat", "scope": "eq", "trust": 0.6, "vendor": "adobe", "version": "9.1.2" }, { "model": "acrobat", "scope": "eq", "trust": 0.6, "vendor": "adobe", "version": "9.0" }, { "model": "acrobat", "scope": "eq", "trust": 0.6, "vendor": "adobe", "version": "9.1.3" }, { "model": "linux enterprise desktop sp1", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "11" }, { "model": "linux enterprise desktop sp4", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "10" }, { "model": "opensuse", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "11.4" }, { "model": "opensuse", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "11.3" }, { "model": "enterprise linux ws extras", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "4" }, { "model": "enterprise linux extras", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "4" }, { "model": "enterprise linux es extras", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "4" }, { "model": "enterprise linux as extras", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "4" }, { "model": "desktop extras", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "4" }, { "model": "hat enterprise linux workstation supplementary", "scope": "eq", "trust": 0.3, "vendor": "red", "version": "6" }, { "model": "hat enterprise linux supplementary server", "scope": "eq", "trust": 0.3, "vendor": "red", "version": "5" }, { "model": "hat enterprise linux server supplementary", "scope": "eq", "trust": 0.3, "vendor": "red", "version": "6" }, { "model": "hat enterprise linux desktop supplementary", "scope": "eq", "trust": 0.3, "vendor": "red", "version": "6" }, { "model": "hat enterprise linux desktop supplementary client", "scope": "eq", "trust": 0.3, "vendor": "red", "version": "5" }, { "model": "linux", "scope": null, "trust": 0.3, "vendor": "gentoo", "version": null }, { "model": "reader", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.1.1" }, { "model": "reader", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.4.6" }, { "model": "reader", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.3.4" }, { "model": "reader", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.3.3" }, { "model": "reader", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.3.2" }, { "model": "reader", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.3.1" }, { "model": "reader", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.1.3" }, { "model": "reader", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.1.2" }, { "model": "reader", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.1.1" }, { "model": "reader", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.4.5" }, { "model": "reader", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.4.4" }, { "model": "reader", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.4.3" }, { "model": "reader", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.4.2" }, { "model": "reader", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.4.1" }, { "model": "reader", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.4" }, { "model": "reader", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.3" }, { "model": "reader", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.2" }, { "model": "reader", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.1" }, { "model": "reader", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9" }, { "model": "reader", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.1" }, { "model": "reader", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.0.3" }, { "model": "reader", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.0.2" }, { "model": "reader", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.0.1" }, { "model": "reader", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.0" }, { "model": "acrobat standard", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.1.1" }, { "model": "acrobat standard", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.4.6" }, { "model": "acrobat standard", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.3.4" }, { "model": "acrobat standard", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.3.3" }, { "model": "acrobat standard", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.3.2" }, { "model": "acrobat standard", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.3.1" }, { "model": "acrobat standard", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.1.3" }, { "model": "acrobat standard", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.1.2" }, { "model": "acrobat standard", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.4.5" }, { "model": "acrobat standard", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.4.4" }, { "model": "acrobat standard", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.4.3" }, { "model": "acrobat standard", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.4.2" }, { "model": "acrobat standard", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.4.1" }, { "model": "acrobat standard", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.4" }, { "model": "acrobat standard", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.3" }, { "model": "acrobat standard", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.2" }, { "model": "acrobat standard", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.1" }, { "model": "acrobat standard", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.1" }, { "model": "acrobat standard", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.0.3" }, { "model": "acrobat standard", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.0.2" }, { "model": "acrobat standard", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.0.1" }, { "model": "acrobat professional", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.1.1" }, { "model": "acrobat professional", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.4.6" }, { "model": "acrobat professional", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.3.4" }, { "model": "acrobat professional", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.3.3" }, { "model": "acrobat professional", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.3.2" }, { "model": "acrobat professional", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.3.1" }, { "model": "acrobat professional", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.1.3" }, { "model": "acrobat professional", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.1.2" }, { "model": "acrobat professional", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.4.5" }, { "model": "acrobat professional", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.4.4" }, { "model": "acrobat professional", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.4.3" }, { "model": "acrobat professional", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.4.2" }, { "model": "acrobat professional", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.4.1" }, { "model": "acrobat professional", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.4" }, { "model": "acrobat professional", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.3" }, { "model": "acrobat professional", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.2" }, { "model": "acrobat professional", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.1" }, { "model": "acrobat professional", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.1" }, { "model": "acrobat professional", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.0.3" }, { "model": "acrobat professional", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.0.2" }, { "model": "acrobat professional", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.0.1" }, { "model": "acrobat professional", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.0" }, { "model": "acrobat", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.1.1" }, { "model": "acrobat", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.3.3" }, { "model": "acrobat", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "8.2.4" }, { "model": "acrobat", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.4.5" }, { "model": "acrobat", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.4.4" }, { "model": "acrobat", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.4.3" }, { "model": "acrobat", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.4.2" }, { "model": "acrobat", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.4.1" }, { "model": "acrobat", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.4" }, { "model": "acrobat", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9" }, { "model": "acrobat", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.1" }, { "model": "acrobat", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.0.3" }, { "model": "acrobat", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.0.2" }, { "model": "acrobat", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.0.1" }, { "model": "acrobat", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.0" }, { "model": "reader", "scope": "ne", "trust": 0.3, "vendor": "adobe", "version": "10.1.2" }, { "model": "reader", "scope": "ne", "trust": 0.3, "vendor": "adobe", "version": "9.4.7" }, { "model": "reader", "scope": "ne", "trust": 0.3, "vendor": "adobe", "version": "9.5" }, { "model": "acrobat standard", "scope": "ne", "trust": 0.3, "vendor": "adobe", "version": "10.1.2" }, { "model": "acrobat standard", "scope": "ne", "trust": 0.3, "vendor": "adobe", "version": "9.4.7" }, { "model": "acrobat standard", "scope": "ne", "trust": 0.3, "vendor": "adobe", "version": "9.5" }, { "model": "acrobat professional", "scope": "ne", "trust": 0.3, "vendor": "adobe", "version": "10.1.2" }, { "model": "acrobat professional", "scope": "ne", "trust": 0.3, "vendor": "adobe", "version": "9.4.7" }, { "model": "acrobat professional", "scope": "ne", "trust": 0.3, "vendor": "adobe", "version": "9.5" }, { "model": "acrobat", "scope": "ne", "trust": 0.3, "vendor": "adobe", "version": "10.1.2" }, { "model": "acrobat", "scope": "ne", "trust": 0.3, "vendor": "adobe", "version": "9.4.7" }, { "model": "acrobat", "scope": "ne", "trust": 0.3, "vendor": "adobe", "version": "9.5" } ], "sources": [ { "db": "CERT/CC", "id": "VU#759307" }, { "db": "BID", "id": "50922" }, { "db": "JVNDB", "id": "JVNDB-2011-003287" }, { "db": "CNNVD", "id": "CNNVD-201112-061" }, { "db": "NVD", "id": "CVE-2011-2462" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Lockheed Martin CIRT and MITRE", "sources": [ { "db": "BID", "id": "50922" }, { "db": "CNNVD", "id": "CNNVD-201112-061" } ], "trust": 0.9 }, "cve": "CVE-2011-2462", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "nvd@nist.gov", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 10.0, "id": "CVE-2011-2462", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 1.9, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 10.0, "id": "VHN-50407", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.1, "vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "nvd@nist.gov", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "exploitabilityScore": 3.9, "id": "CVE-2011-2462", "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Network", "author": "NVD", "availabilityImpact": "High", "baseScore": 9.8, "baseSeverity": "Critical", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "CVE-2011-2462", "impactScore": null, "integrityImpact": "High", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" } ], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2011-2462", "trust": 1.0, "value": "CRITICAL" }, { "author": "CARNEGIE MELLON", "id": "VU#759307", "trust": 0.8, "value": "52.51" }, { "author": "NVD", "id": "CVE-2011-2462", "trust": 0.8, "value": "Critical" }, { "author": "CNNVD", "id": "CNNVD-201112-061", "trust": 0.6, "value": "CRITICAL" }, { "author": "VULHUB", "id": "VHN-50407", "trust": 0.1, "value": "HIGH" }, { "author": "VULMON", "id": "CVE-2011-2462", "trust": 0.1, "value": "HIGH" } ] } ], "sources": [ { "db": "CERT/CC", "id": "VU#759307" }, { "db": "VULHUB", "id": "VHN-50407" }, { "db": "VULMON", "id": "CVE-2011-2462" }, { "db": "JVNDB", "id": "JVNDB-2011-003287" }, { "db": "CNNVD", "id": "CNNVD-201112-061" }, { "db": "NVD", "id": "CVE-2011-2462" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Unspecified vulnerability in the U3D component in Adobe Reader and Acrobat 10.1.1 and earlier on Windows and Mac OS X, and Adobe Reader 9.x through 9.4.6 on UNIX, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, as exploited in the wild in December 2011. ( Memory corruption ) A state vulnerability exists.Arbitrary code execution or denial of service by a third party ( Memory corruption ) It may be in a state. Adobe Acrobat and Reader are prone to a remote memory corruption vulnerability. \nAttackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely cause denial-of-service conditions. Acrobat is a series of products aimed at enterprises, technicians and creative professionals launched in 1993, making the transmission and collaboration of intelligent documents more flexible, reliable and secure. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Critical: acroread security update\nAdvisory ID: RHSA-2012:0011-01\nProduct: Red Hat Enterprise Linux Extras\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2012-0011.html\nIssue date: 2012-01-10\nCVE Names: CVE-2011-2462 CVE-2011-4369 \n=====================================================================\n\n1. Summary:\n\nUpdated acroread packages that fix two security issues are now available\nfor Red Hat Enterprise Linux 4 Extras and Red Hat Enterprise Linux 5 and 6\nSupplementary. \n\nThe Red Hat Security Response Team has rated this update as having critical\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section. Relevant releases/architectures:\n\nRed Hat Desktop version 4 Extras - i386, x86_64\nRed Hat Enterprise Linux AS version 4 Extras - i386, x86_64\nRed Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux ES version 4 Extras - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux WS version 4 Extras - i386, x86_64\nRed Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64\n\n3. Description:\n\nAdobe Reader allows users to view and print documents in Portable Document\nFormat (PDF). These flaws are\ndetailed on the Adobe security page APSB11-30, listed in the References\nsection. Solution:\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259\n\n5. Package List:\n\nRed Hat Enterprise Linux AS version 4 Extras:\n\ni386:\nacroread-9.4.7-1.el4.i386.rpm\nacroread-plugin-9.4.7-1.el4.i386.rpm\n\nx86_64:\nacroread-9.4.7-1.el4.i386.rpm\n\nRed Hat Desktop version 4 Extras:\n\ni386:\nacroread-9.4.7-1.el4.i386.rpm\nacroread-plugin-9.4.7-1.el4.i386.rpm\n\nx86_64:\nacroread-9.4.7-1.el4.i386.rpm\n\nRed Hat Enterprise Linux ES version 4 Extras:\n\ni386:\nacroread-9.4.7-1.el4.i386.rpm\nacroread-plugin-9.4.7-1.el4.i386.rpm\n\nx86_64:\nacroread-9.4.7-1.el4.i386.rpm\n\nRed Hat Enterprise Linux WS version 4 Extras:\n\ni386:\nacroread-9.4.7-1.el4.i386.rpm\nacroread-plugin-9.4.7-1.el4.i386.rpm\n\nx86_64:\nacroread-9.4.7-1.el4.i386.rpm\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5):\n\ni386:\nacroread-9.4.7-1.el5.i386.rpm\nacroread-plugin-9.4.7-1.el5.i386.rpm\n\nx86_64:\nacroread-9.4.7-1.el5.i386.rpm\nacroread-plugin-9.4.7-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 5):\n\ni386:\nacroread-9.4.7-1.el5.i386.rpm\nacroread-plugin-9.4.7-1.el5.i386.rpm\n\nx86_64:\nacroread-9.4.7-1.el5.i386.rpm\nacroread-plugin-9.4.7-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 6):\n\ni386:\nacroread-9.4.7-1.el6.i686.rpm\nacroread-plugin-9.4.7-1.el6.i686.rpm\n\nx86_64:\nacroread-9.4.7-1.el6.i686.rpm\nacroread-plugin-9.4.7-1.el6.i686.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 6):\n\ni386:\nacroread-9.4.7-1.el6.i686.rpm\nacroread-plugin-9.4.7-1.el6.i686.rpm\n\nx86_64:\nacroread-9.4.7-1.el6.i686.rpm\nacroread-plugin-9.4.7-1.el6.i686.rpm\n\nRed Hat Enterprise Linux Workstation Supplementary (v. 6):\n\ni386:\nacroread-9.4.7-1.el6.i686.rpm\nacroread-plugin-9.4.7-1.el6.i686.rpm\n\nx86_64:\nacroread-9.4.7-1.el6.i686.rpm\nacroread-plugin-9.4.7-1.el6.i686.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and \ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/#package\n\n7. References:\n\nhttps://www.redhat.com/security/data/cve/CVE-2011-2462.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-4369.html\nhttps://access.redhat.com/security/updates/classification/#critical\nhttp://www.adobe.com/support/security/bulletins/apsb11-30.html\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2012 Red Hat, Inc. Please\nreview the CVE identifiers referenced below for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Reader users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-text/acroread-9.4.7\"\n\nReferences\n==========\n\n[ 1 ] CVE-2010-4091\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4091\n[ 2 ] CVE-2011-0562\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0562\n[ 3 ] CVE-2011-0563\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0563\n[ 4 ] CVE-2011-0565\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0565\n[ 5 ] CVE-2011-0566\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0566\n[ 6 ] CVE-2011-0567\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0567\n[ 7 ] CVE-2011-0570\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0570\n[ 8 ] CVE-2011-0585\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0585\n[ 9 ] CVE-2011-0586\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0586\n[ 10 ] CVE-2011-0587\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0587\n[ 11 ] CVE-2011-0588\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0588\n[ 12 ] CVE-2011-0589\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0589\n[ 13 ] CVE-2011-0590\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0590\n[ 14 ] CVE-2011-0591\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0591\n[ 15 ] CVE-2011-0592\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0592\n[ 16 ] CVE-2011-0593\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0593\n[ 17 ] CVE-2011-0594\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0594\n[ 18 ] CVE-2011-0595\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0595\n[ 19 ] CVE-2011-0596\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0596\n[ 20 ] CVE-2011-0598\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0598\n[ 21 ] CVE-2011-0599\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0599\n[ 22 ] CVE-2011-0600\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0600\n[ 23 ] CVE-2011-0602\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0602\n[ 24 ] CVE-2011-0603\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0603\n[ 25 ] CVE-2011-0604\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0604\n[ 26 ] CVE-2011-0605\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0605\n[ 27 ] CVE-2011-0606\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0606\n[ 28 ] CVE-2011-2130\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2130\n[ 29 ] CVE-2011-2134\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2134\n[ 30 ] CVE-2011-2135\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2135\n[ 31 ] CVE-2011-2136\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2136\n[ 32 ] CVE-2011-2137\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2137\n[ 33 ] CVE-2011-2138\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2138\n[ 34 ] CVE-2011-2139\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2139\n[ 35 ] CVE-2011-2140\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2140\n[ 36 ] CVE-2011-2414\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2414\n[ 37 ] CVE-2011-2415\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2415\n[ 38 ] CVE-2011-2416\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2416\n[ 39 ] CVE-2011-2417\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2417\n[ 40 ] CVE-2011-2424\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2424\n[ 41 ] CVE-2011-2425\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2425\n[ 42 ] CVE-2011-2431\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2431\n[ 43 ] CVE-2011-2432\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2432\n[ 44 ] CVE-2011-2433\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2433\n[ 45 ] CVE-2011-2434\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2434\n[ 46 ] CVE-2011-2435\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2435\n[ 47 ] CVE-2011-2436\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2436\n[ 48 ] CVE-2011-2437\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2437\n[ 49 ] CVE-2011-2438\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2438\n[ 50 ] CVE-2011-2439\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2439\n[ 51 ] CVE-2011-2440\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2440\n[ 52 ] CVE-2011-2441\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2441\n[ 53 ] CVE-2011-2442\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2442\n[ 54 ] CVE-2011-2462\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2462\n[ 55 ] CVE-2011-4369\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4369\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201201-19.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2012 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. \n\n\nI. Description\n\n Adobe Security Bulletin APSB11-30 and Adobe Security Advisory\n APSA11-04 describe a number of vulnerabilities affecting Adobe\n Reader and Acrobat. These vulnerabilities affect Reader and Acrobat\n 9.4.6 and earlier 9.x versions. These vulnerabilities also affect\n Reader X and Acrobat X 10.1.1 and earlier 10.x versions. \n\n An attacker could exploit these vulnerabilities by convincing a\n user to open a specially crafted PDF file. The Adobe Reader browser\n plug-in, which can automatically open PDF documents hosted on a\n website, is available for multiple web browsers and operating\n systems. \n\n Adobe Reader X and Adobe Acrobat X will be patched in the next\n quarterly update scheduled for January 10, 2012. \n\n\nII. Impact\n\n These vulnerabilities could allow a remote attacker to execute\n arbitrary code, write arbitrary files or folders to the file\n system, escalate local privileges, or cause a denial of service on\n an affected system as the result of a user opening a malicious PDF\n file. \n\n\nIII. Solution\n\n Update Reader\n\n Adobe has released updates to address this issue. Users are\n encouraged to read Adobe Security Bulletin APSB11-30 and update\n vulnerable versions of Adobe Reader and Acrobat. \n\n In addition to updating, please consider the following mitigations. \n\n Disable Flash in Adobe Reader and Acrobat\n\n Disabling Flash in Adobe Reader will mitigate attacks that rely on\n Flash content embedded in a PDF file. Disabling 3D \u0026 Multimedia\n support does not directly address the vulnerability, but it does\n provide additional mitigation and results in a more user-friendly\n error message instead of a crash. To disable Flash and 3D \u0026\n Multimedia support in Adobe Reader 9, delete, rename, or remove\n access to these files:\n\n Microsoft Windows\n \"%ProgramFiles%\\Adobe\\Reader 9.0\\Reader\\authplay.dll\"\n \"%ProgramFiles%\\Adobe\\Reader 9.0\\Reader\\rt3d.dll\"\n\n Apple Mac OS X\n \"/Applications/Adobe Reader 9/Adobe\n Reader.app/Contents/Frameworks/AuthPlayLib.bundle\"\n \"/Applications/Adobe Reader 9/Adobe\n Reader.app/Contents/Frameworks/Adobe3D.framework\"\n\n GNU/Linux (locations may vary among distributions)\n \"/opt/Adobe/Reader9/Reader/intellinux/lib/libauthplay.so\"\n \"/opt/Adobe/Reader9/Reader/intellinux/lib/librt3d.so\"\n\n File locations may be different for Adobe Acrobat or other Adobe\n products that include Flash and 3D \u0026 Multimedia support. Disabling\n these plugins will reduce functionality and will not protect\n against Flash content that is hosted on websites. Depending on the\n update schedule for products other than Flash Player, consider\n leaving Flash and 3D \u0026 Multimedia support disabled unless they are\n absolutely required. Acrobat JavaScript can be disabled using the\n Preferences menu (Edit -\u003e Preferences -\u003e JavaScript; uncheck Enable\n Acrobat JavaScript). \n\n Adobe provides a framework to blacklist specific JavaScipt APIs. If\n JavaScript must be enabled, this framework may be useful when\n specific APIs are known to be vulnerable or used in attacks. \n\n Prevent Internet Explorer from automatically opening PDF files\n\n The installer for Adobe Reader and Acrobat configures Internet\n Explorer to automatically open PDF files without any user\n interaction. This behavior can be reverted to a safer option that\n prompts the user by importing the following as a .REG file:\n\n Windows Registry Editor Version 5.00\n\n [HKEY_CLASSES_ROOT\\AcroExch.Document.7]\n \"EditFlags\"=hex:00,00,00,00\n\n Disable the display of PDF files in the web browser\n\n Preventing PDF files from opening inside a web browser will\n partially mitigate this vulnerability. If this workaround is\n applied, it may also mitigate future vulnerabilities. \n\n To prevent PDF files from automatically being opened in a web\n browser, do the following:\n\n 1. \n 2. Open the Edit menu. \n 3. Choose the Preferences option. \n 4. Choose the Internet section. \n 5. Uncheck the \"Display PDF in browser\" checkbox. PDF documents that use the PRC format\n for 3D content will continue to function on Windows and Linux\n platforms. \n\n To disable U3D support in Adobe Reader 9 on Microsoft Windows,\n delete or rename this file:\n\n \"%ProgramFiles%\\Adobe\\Reader 9.0\\Reader\\plug_ins3d\\3difr.x3d\"\n\n For Apple Mac OS X, delete or rename this directory:\n\n \"/Applications/Adobe Reader 9/Adobe\n Reader.app/Contents/Frameworks/Adobe3D.framework\"\n\n For GNU/Linux, delete or rename this file (locations may vary among\n distributions):\n\n \"/opt/Adobe/Reader9/Reader/intellinux/plug_ins3d/3difr.x3d\"\n\n File locations may be different for Adobe Acrobat or other Adobe\n products or versions. \n\n Do not access PDF files from untrusted sources\n\n Do not open unfamiliar or unexpected PDF files, particularly those\n hosted on websites or delivered as email attachments. Please see\n Cyber Security Tip ST04-010. \n\n\nIV. Please send\n email to \u003ccert@cert.org\u003e with \"TA11-350A Feedback VU#759307\" in\n the subject. \n ____________________________________________________________________\n\n For instructions on subscribing to or unsubscribing from this\n mailing list, visit \u003chttp://www.us-cert.gov/cas/signup.html\u003e. \n ____________________________________________________________________\n\n Produced 2011 by US-CERT, a government organization. \n\n Terms of use:\n\n \u003chttp://www.us-cert.gov/legal.html\u003e\n ____________________________________________________________________\n\nRevision History\n\n December 16, 2011: Initial release\n\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.5 (GNU/Linux)\n\niQEVAwUBTuuZnz/GkGVXE7GMAQIN8ggAjjQO8LOasl98uasGZW2J5SHfkKr675Mf\nymRzBagFqO9QuId2RvFG2b9nuq5zdqETsrcG1t668wtYLUhBaoLmFXPe/KsDQ9n+\n/p9PctVJFmJpV92S3kAHw+u4t1n/Aa/4IdK0oXNBDhkyXrp41F27LY+aQ8FWWuxZ\nlL4jXSUQ/gLgb6hOhLjRCsQtEhAcPbX/mPNxl6bACXZaOVZT88fz9M7JXryDiJWO\nuuFi3O2GT0Bd3fEsL57U/TSbq8SynadObMSj4/+Q1HmOHcD0L5gzd9/N4M3D1Emg\ny7aeUpgycY5eFefY3LVVkb7JkTUbEZHbuNHydFKIJDRlaXBAo+D0QQ==\n=rKM4\n-----END PGP SIGNATURE-----\n", "sources": [ { "db": "NVD", "id": "CVE-2011-2462" }, { "db": "CERT/CC", "id": "VU#759307" }, { "db": "JVNDB", "id": "JVNDB-2011-003287" }, { "db": "BID", "id": "50922" }, { "db": "VULHUB", "id": "VHN-50407" }, { "db": "VULMON", "id": "CVE-2011-2462" }, { "db": "PACKETSTORM", "id": "108558" }, { "db": "PACKETSTORM", "id": "109194" }, { "db": "PACKETSTORM", "id": "107960" } ], "trust": 3.06 }, "exploit_availability": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "reference": "https://www.scap.org.cn/vuln/vhn-50407", "trust": 0.1, "type": "unknown" }, { "reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=18366", "trust": 0.1, "type": "exploit" } ], "sources": [ { "db": "VULHUB", "id": "VHN-50407" }, { "db": "VULMON", "id": "CVE-2011-2462" } ] }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2011-2462", "trust": 4.7 }, { "db": "USCERT", "id": "TA11-350A", "trust": 2.1 }, { "db": "CERT/CC", "id": "VU#759307", "trust": 1.8 }, { "db": "BID", "id": "50922", "trust": 1.0 }, { "db": "USCERT", "id": "TA15-119A", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2011-003287", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-201112-061", "trust": 0.7 }, { "db": "NSFOCUS", "id": "18277", "trust": 0.6 }, { "db": "PACKETSTORM", "id": "108558", "trust": 0.2 }, { "db": "EXPLOIT-DB", "id": "18366", "trust": 0.2 }, { "db": "PACKETSTORM", "id": "108359", "trust": 0.1 }, { "db": "SEEBUG", "id": "SSVID-72491", "trust": 0.1 }, { "db": "VULHUB", "id": "VHN-50407", "trust": 0.1 }, { "db": "VULMON", "id": "CVE-2011-2462", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "109194", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "107960", "trust": 0.1 } ], "sources": [ { "db": "CERT/CC", "id": "VU#759307" }, { "db": "VULHUB", "id": "VHN-50407" }, { "db": "VULMON", "id": "CVE-2011-2462" }, { "db": "BID", "id": "50922" }, { "db": "JVNDB", "id": "JVNDB-2011-003287" }, { "db": "PACKETSTORM", "id": "108558" }, { "db": "PACKETSTORM", "id": "109194" }, { "db": "PACKETSTORM", "id": "107960" }, { "db": "CNNVD", "id": "CNNVD-201112-061" }, { "db": "NVD", "id": "CVE-2011-2462" } ] }, "id": "VAR-201112-0167", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-50407" } ], "trust": 0.01 }, "last_update_date": "2024-11-23T20:48:20.988000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "APSA11-04 Fujitsu Fujitsu \u00a0 Security information", "trust": 0.8, "url": "http://blogs.adobe.com/asset/2011/12/background-on-cve-2011-2462.html" }, { "title": "Red Hat: Critical: acroread security update", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20120011 - Security Advisory" }, { "title": "ExploitAnalysis", "trust": 0.1, "url": "https://github.com/quanyang/ExploitAnalysis " }, { "title": "pdf", "trust": 0.1, "url": "https://github.com/billytion/pdf " }, { "title": "peepdf", "trust": 0.1, "url": "https://github.com/jesparza/peepdf " }, { "title": "rop-collection", "trust": 0.1, "url": "https://github.com/season-lab/rop-collection " }, { "title": "The Register", "trust": 0.1, "url": "https://www.theregister.co.uk/2013/02/22/apt1_report_used_spear_phishing/" }, { "title": "Securelist", "trust": 0.1, "url": "https://securelist.com/kaspersky-security-bulletin-malware-evolution-2011/36494/" }, { "title": "Threatpost", "trust": 0.1, "url": "https://threatpost.com/attackers-reused-adobe-reader-exploit-code-2009-extremely-targeted-hacks-011112/76088/" }, { "title": "Threatpost", "trust": 0.1, "url": "https://threatpost.com/adobe-plans-critical-security-updates-reader-acrobat-next-week-010612/76071/" }, { "title": "The Register", "trust": 0.1, "url": "https://www.theregister.co.uk/2011/12/17/adobe_reader_critical_update/" }, { "title": "Threatpost", "trust": 0.1, "url": "https://threatpost.com/adobe-warns-critical-zero-day-flaw-reader-and-acrobat-120611/75965/" } ], "sources": [ { "db": "VULMON", "id": "CVE-2011-2462" }, { "db": "JVNDB", "id": "JVNDB-2011-003287" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-787", "trust": 1.0 }, { "problemtype": "Out-of-bounds writing (CWE-787) [NVD evaluation ]", "trust": 0.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2011-003287" }, { "db": "NVD", "id": "CVE-2011-2462" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.9, "url": "http://www.adobe.com/support/security/advisories/apsa11-04.html" }, { "trust": 2.0, "url": "http://www.us-cert.gov/cas/techalerts/ta11-350a.html" }, { "trust": 1.6, "url": "http://www.adobe.com/support/security/bulletins/apsb11-30.html" }, { "trust": 1.5, "url": "http://www.adobe.com/support/security/bulletins/apsb12-01.html" }, { "trust": 1.2, "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a14562" }, { "trust": 1.2, "url": "http://www.redhat.com/support/errata/rhsa-2012-0011.html" }, { "trust": 1.2, "url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00019.html" }, { "trust": 1.2, "url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00020.html" }, { "trust": 0.9, "url": "http://www.kb.cert.org/vuls/id/759307" }, { "trust": 0.8, "url": "http://blogs.adobe.com/asset/2011/12/background-on-cve-2011-2462.html" }, { "trust": 0.8, "url": "http://www.microsoft.com/download/en/details.aspx?id=1677" }, { "trust": 0.8, "url": "http://blogs.technet.com/b/srd/archive/2009/06/05/understanding-dep-as-a-mitigation-technology-part-1.aspx" }, { "trust": 0.8, "url": "http://blogs.technet.com/b/srd/archive/2009/06/12/understanding-dep-as-a-mitigation-technology-part-2.aspx" }, { "trust": 0.8, "url": "http://blogs.technet.com/b/srd/archive/2010/12/08/on-the-effectiveness-of-dep-and-aslr.aspx" }, { "trust": 0.8, "url": "http://technet.microsoft.com/en-us/security/advisory/2639658" }, { "trust": 0.8, "url": "http://jvn.jp/cert/jvnvu759307/index.html" }, { "trust": 0.8, "url": "http://jvn.jp/cert/jvnta11-350a/" }, { "trust": 0.8, "url": "http://jvn.jp/ta/jvnta99041988/" }, { "trust": 0.8, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-2462" }, { "trust": 0.8, "url": "https://www.us-cert.gov/ncas/alerts/ta15-119a" }, { "trust": 0.8, "url": "https://cisa.gov/known-exploited-vulnerabilities-catalog" }, { "trust": 0.8, "url": "http://www.ipa.go.jp/security/ciadr/vul/20111208-adobe.html" }, { "trust": 0.6, "url": "http://www.securityfocus.com/bid/50922" }, { "trust": 0.6, "url": "http://www.nsfocus.net/vulndb/18277" }, { "trust": 0.3, "url": "http://www.adobe.com" }, { "trust": 0.1, "url": "https://cwe.mitre.org/data/definitions/.html" }, { "trust": 0.1, "url": "https://access.redhat.com/errata/rhsa-2012:0011" }, { "trust": 0.1, "url": "https://github.com/quanyang/exploitanalysis" }, { "trust": 0.1, "url": "https://github.com/jesparza/peepdf" }, { "trust": 0.1, "url": "https://www.exploit-db.com/exploits/18366/" }, { "trust": 0.1, "url": "https://nvd.nist.gov" }, { "trust": 0.1, "url": "https://www.redhat.com/mailman/listinfo/rhsa-announce" }, { "trust": 0.1, "url": "https://access.redhat.com/kb/docs/doc-11259" }, { "trust": 0.1, "url": "https://access.redhat.com/security/team/key/#package" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2011-4369.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2462" }, { "trust": 0.1, "url": "https://access.redhat.com/security/updates/classification/#critical" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-4369" }, { "trust": 0.1, "url": "http://bugzilla.redhat.com/):" }, { "trust": 0.1, "url": "https://rhn.redhat.com/errata/rhsa-2012-0011.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2011-2462.html" }, { "trust": 0.1, "url": "https://access.redhat.com/security/team/contact/" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2432" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0599" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0604" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2130" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0567" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0605" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0591" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0586" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0587" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0587" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2438" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0600" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2414" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2417" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2462" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2434" }, { "trust": 0.1, "url": "http://creativecommons.org/licenses/by-sa/2.5" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2415" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0565" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0567" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0596" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0603" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0563" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2135" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2431" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0595" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0570" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2139" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0588" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2425" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0595" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2010-4091" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2416" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-4369" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0562" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2436" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2424" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0596" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0604" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0588" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2439" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0585" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2441" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0598" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2130" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0603" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0562" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0602" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0593" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0592" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2134" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0590" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2137" }, { "trust": 0.1, "url": "http://security.gentoo.org/glsa/glsa-201201-19.xml" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0585" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2138" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0586" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0589" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0565" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2136" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0606" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0570" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0594" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0589" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0600" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0592" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2433" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0566" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0599" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4091" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2442" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2437" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0606" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0566" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2435" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0594" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0605" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0563" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2140" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0591" }, { "trust": 0.1, "url": "http://security.gentoo.org/" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0593" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2440" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0602" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0590" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0598" }, { "trust": 0.1, "url": "https://bugs.gentoo.org." }, { "trust": 0.1, "url": "https://www.adobe.com/support/security/bulletins/apsb11-30.html\u003e" }, { "trust": 0.1, "url": "http://www.us-cert.gov/cas/signup.html\u003e." }, { "trust": 0.1, "url": "http://www.us-cert.gov/cas/techalerts/ta11-350a.html\u003e" }, { "trust": 0.1, "url": "https://www.adobe.com/support/security/advisories/apsa11-04.html\u003e" }, { "trust": 0.1, "url": "http://kb2.adobe.com/cps/504/cpsid_50431.html\u003e" }, { "trust": 0.1, "url": "http://www.kb.cert.org/vuls/id/759307\u003e" }, { "trust": 0.1, "url": "http://www.us-cert.gov/legal.html\u003e" } ], "sources": [ { "db": "CERT/CC", "id": "VU#759307" }, { "db": "VULHUB", "id": "VHN-50407" }, { "db": "VULMON", "id": "CVE-2011-2462" }, { "db": "BID", "id": "50922" }, { "db": "JVNDB", "id": "JVNDB-2011-003287" }, { "db": "PACKETSTORM", "id": "108558" }, { "db": "PACKETSTORM", "id": "109194" }, { "db": "PACKETSTORM", "id": "107960" }, { "db": "CNNVD", "id": "CNNVD-201112-061" }, { "db": "NVD", "id": "CVE-2011-2462" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "CERT/CC", "id": "VU#759307" }, { "db": "VULHUB", "id": "VHN-50407" }, { "db": "VULMON", "id": "CVE-2011-2462" }, { "db": "BID", "id": "50922" }, { "db": "JVNDB", "id": "JVNDB-2011-003287" }, { "db": "PACKETSTORM", "id": "108558" }, { "db": "PACKETSTORM", "id": "109194" }, { "db": "PACKETSTORM", "id": "107960" }, { "db": "CNNVD", "id": "CNNVD-201112-061" }, { "db": "NVD", "id": "CVE-2011-2462" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2011-12-08T00:00:00", "db": "CERT/CC", "id": "VU#759307" }, { "date": "2011-12-07T00:00:00", "db": "VULHUB", "id": "VHN-50407" }, { "date": "2011-12-07T00:00:00", "db": "VULMON", "id": "CVE-2011-2462" }, { "date": "2011-12-06T00:00:00", "db": "BID", "id": "50922" }, { "date": "2011-12-09T00:00:00", "db": "JVNDB", "id": "JVNDB-2011-003287" }, { "date": "2012-01-11T07:30:45", "db": "PACKETSTORM", "id": "108558" }, { "date": "2012-01-31T00:07:37", "db": "PACKETSTORM", "id": "109194" }, { "date": "2011-12-17T00:27:48", "db": "PACKETSTORM", "id": "107960" }, { "date": "1900-01-01T00:00:00", "db": "CNNVD", "id": "CNNVD-201112-061" }, { "date": "2011-12-07T19:55:01.673000", "db": "NVD", "id": "CVE-2011-2462" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2011-12-08T00:00:00", "db": "CERT/CC", "id": "VU#759307" }, { "date": "2017-09-19T00:00:00", "db": "VULHUB", "id": "VHN-50407" }, { "date": "2017-09-19T00:00:00", "db": "VULMON", "id": "CVE-2011-2462" }, { "date": "2015-03-19T09:16:00", "db": "BID", "id": "50922" }, { "date": "2024-07-05T02:02:00", "db": "JVNDB", "id": "JVNDB-2011-003287" }, { "date": "2011-12-12T00:00:00", "db": "CNNVD", "id": "CNNVD-201112-061" }, { "date": "2024-11-21T01:28:19.950000", "db": "NVD", "id": "CVE-2011-2462" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "PACKETSTORM", "id": "109194" }, { "db": "CNNVD", "id": "CNNVD-201112-061" } ], "trust": 0.7 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Adobe Acrobat and Reader U3D memory corruption vulnerability", "sources": [ { "db": "CERT/CC", "id": "VU#759307" }, { "db": "BID", "id": "50922" } ], "trust": 1.1 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "lack of information", "sources": [ { "db": "CNNVD", "id": "CNNVD-201112-061" } ], "trust": 0.6 } }
ghsa-g2wp-w28c-8vg2
Vulnerability from github
Unspecified vulnerability in the U3D component in Adobe Reader and Acrobat 10.1.1 and earlier on Windows and Mac OS X, and Adobe Reader 9.x through 9.4.6 on UNIX, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, as exploited in the wild in December 2011.
{ "affected": [], "aliases": [ "CVE-2011-2462" ], "database_specific": { "cwe_ids": [ "CWE-787" ], "github_reviewed": false, "github_reviewed_at": null, "nvd_published_at": "2011-12-07T19:55:00Z", "severity": "HIGH" }, "details": "Unspecified vulnerability in the U3D component in Adobe Reader and Acrobat 10.1.1 and earlier on Windows and Mac OS X, and Adobe Reader 9.x through 9.4.6 on UNIX, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, as exploited in the wild in December 2011.", "id": "GHSA-g2wp-w28c-8vg2", "modified": "2024-12-20T15:30:42Z", "published": "2022-05-17T01:01:02Z", "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2462" }, { "type": "WEB", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14562" }, { "type": "WEB", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00019.html" }, { "type": "WEB", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00020.html" }, { "type": "WEB", "url": "http://www.adobe.com/support/security/advisories/apsa11-04.html" }, { "type": "WEB", "url": "http://www.adobe.com/support/security/bulletins/apsb11-30.html" }, { "type": "WEB", "url": "http://www.adobe.com/support/security/bulletins/apsb12-01.html" }, { "type": "WEB", "url": "http://www.redhat.com/support/errata/RHSA-2012-0011.html" }, { "type": "WEB", "url": "http://www.us-cert.gov/cas/techalerts/TA11-350A.html" } ], "schema_version": "1.4.0", "severity": [ { "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "type": "CVSS_V3" } ] }
rhsa-2012_0011
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Critical" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Updated acroread packages that fix two security issues are now available\nfor Red Hat Enterprise Linux 4 Extras and Red Hat Enterprise Linux 5 and 6\nSupplementary.\n\nThe Red Hat Security Response Team has rated this update as having critical\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section.", "title": "Topic" }, { "category": "general", "text": "Adobe Reader allows users to view and print documents in Portable Document\nFormat (PDF).\n\nThis update fixes two security flaws in Adobe Reader. These flaws are\ndetailed on the Adobe security page APSB11-30, listed in the References\nsection. A specially-crafted PDF file could cause Adobe Reader to crash or,\npotentially, execute arbitrary code as the user running Adobe Reader when\nopened. (CVE-2011-2462, CVE-2011-4369)\n\nAll Adobe Reader users should install these updated packages. They contain\nAdobe Reader version 9.4.7, which is not vulnerable to these issues. All\nrunning instances of Adobe Reader must be restarted for the update to take\neffect.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2012:0011", "url": "https://access.redhat.com/errata/RHSA-2012:0011" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#critical", "url": "https://access.redhat.com/security/updates/classification/#critical" }, { "category": "external", "summary": "http://www.adobe.com/support/security/bulletins/apsb11-30.html", "url": "http://www.adobe.com/support/security/bulletins/apsb11-30.html" }, { "category": "external", "summary": "760908", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=760908" }, { "category": "external", "summary": "768517", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=768517" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2012/rhsa-2012_0011.json" } ], "title": "Red Hat Security Advisory: acroread security update", "tracking": { "current_release_date": "2024-11-14T11:30:10+00:00", "generator": { "date": "2024-11-14T11:30:10+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.0" } }, "id": "RHSA-2012:0011", "initial_release_date": "2012-01-10T22:48:00+00:00", "revision_history": [ { "date": "2012-01-10T22:48:00+00:00", "number": "1", "summary": "Initial version" }, { "date": "2012-01-10T22:55:55+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-14T11:30:10+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux AS version 4 Extras", "product": { "name": "Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:4" } } }, { "category": "product_name", "name": "Red Hat Desktop version 4 Extras", "product": { "name": "Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:4" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux ES version 4 Extras", "product": { "name": "Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:4" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux WS version 4 Extras", "product": { "name": "Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:4" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product": { "name": "Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:6" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Server Supplementary (v. 6)", "product": { "name": "Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:6" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product": { "name": "Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:6" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product": { "name": "Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:5::client" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Server Supplementary (v. 5)", "product": { "name": "Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:5::server" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux Supplementary" }, { "branches": [ { "category": "product_version", "name": "acroread-plugin-0:9.4.7-1.el4.i386", "product": { "name": "acroread-plugin-0:9.4.7-1.el4.i386", "product_id": "acroread-plugin-0:9.4.7-1.el4.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/acroread-plugin@9.4.7-1.el4?arch=i386" } } }, { "category": "product_version", "name": "acroread-0:9.4.7-1.el4.i386", "product": { "name": "acroread-0:9.4.7-1.el4.i386", "product_id": "acroread-0:9.4.7-1.el4.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/acroread@9.4.7-1.el4?arch=i386" } } }, { "category": "product_version", "name": "acroread-0:9.4.7-1.el5.i386", "product": { "name": "acroread-0:9.4.7-1.el5.i386", "product_id": "acroread-0:9.4.7-1.el5.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/acroread@9.4.7-1.el5?arch=i386" } } }, { "category": "product_version", "name": "acroread-plugin-0:9.4.7-1.el5.i386", "product": { "name": "acroread-plugin-0:9.4.7-1.el5.i386", "product_id": "acroread-plugin-0:9.4.7-1.el5.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/acroread-plugin@9.4.7-1.el5?arch=i386" } } } ], "category": "architecture", "name": "i386" }, { "branches": [ { "category": "product_version", "name": "acroread-0:9.4.7-1.el6.i686", "product": { "name": "acroread-0:9.4.7-1.el6.i686", "product_id": "acroread-0:9.4.7-1.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/acroread@9.4.7-1.el6?arch=i686" } } }, { "category": "product_version", "name": "acroread-plugin-0:9.4.7-1.el6.i686", "product": { "name": "acroread-plugin-0:9.4.7-1.el6.i686", "product_id": "acroread-plugin-0:9.4.7-1.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/acroread-plugin@9.4.7-1.el6?arch=i686" } } } ], "category": "architecture", "name": "i686" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "acroread-0:9.4.7-1.el4.i386 as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:acroread-0:9.4.7-1.el4.i386" }, "product_reference": "acroread-0:9.4.7-1.el4.i386", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "acroread-plugin-0:9.4.7-1.el4.i386 as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:acroread-plugin-0:9.4.7-1.el4.i386" }, "product_reference": "acroread-plugin-0:9.4.7-1.el4.i386", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "acroread-0:9.4.7-1.el4.i386 as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:acroread-0:9.4.7-1.el4.i386" }, "product_reference": "acroread-0:9.4.7-1.el4.i386", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "acroread-plugin-0:9.4.7-1.el4.i386 as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:acroread-plugin-0:9.4.7-1.el4.i386" }, "product_reference": "acroread-plugin-0:9.4.7-1.el4.i386", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "acroread-0:9.4.7-1.el4.i386 as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:acroread-0:9.4.7-1.el4.i386" }, "product_reference": "acroread-0:9.4.7-1.el4.i386", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "acroread-plugin-0:9.4.7-1.el4.i386 as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:acroread-plugin-0:9.4.7-1.el4.i386" }, "product_reference": "acroread-plugin-0:9.4.7-1.el4.i386", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "acroread-0:9.4.7-1.el4.i386 as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:acroread-0:9.4.7-1.el4.i386" }, "product_reference": "acroread-0:9.4.7-1.el4.i386", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "acroread-plugin-0:9.4.7-1.el4.i386 as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:acroread-plugin-0:9.4.7-1.el4.i386" }, "product_reference": "acroread-plugin-0:9.4.7-1.el4.i386", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "acroread-0:9.4.7-1.el5.i386 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:acroread-0:9.4.7-1.el5.i386" }, "product_reference": "acroread-0:9.4.7-1.el5.i386", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "acroread-plugin-0:9.4.7-1.el5.i386 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:acroread-plugin-0:9.4.7-1.el5.i386" }, "product_reference": "acroread-plugin-0:9.4.7-1.el5.i386", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "acroread-0:9.4.7-1.el5.i386 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:acroread-0:9.4.7-1.el5.i386" }, "product_reference": "acroread-0:9.4.7-1.el5.i386", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "acroread-plugin-0:9.4.7-1.el5.i386 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:acroread-plugin-0:9.4.7-1.el5.i386" }, "product_reference": "acroread-plugin-0:9.4.7-1.el5.i386", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "acroread-0:9.4.7-1.el6.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary:acroread-0:9.4.7-1.el6.i686" }, "product_reference": "acroread-0:9.4.7-1.el6.i686", "relates_to_product_reference": "6Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "acroread-plugin-0:9.4.7-1.el6.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary:acroread-plugin-0:9.4.7-1.el6.i686" }, "product_reference": "acroread-plugin-0:9.4.7-1.el6.i686", "relates_to_product_reference": "6Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "acroread-0:9.4.7-1.el6.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary:acroread-0:9.4.7-1.el6.i686" }, "product_reference": "acroread-0:9.4.7-1.el6.i686", "relates_to_product_reference": "6Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "acroread-plugin-0:9.4.7-1.el6.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary:acroread-plugin-0:9.4.7-1.el6.i686" }, "product_reference": "acroread-plugin-0:9.4.7-1.el6.i686", "relates_to_product_reference": "6Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "acroread-0:9.4.7-1.el6.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary:acroread-0:9.4.7-1.el6.i686" }, "product_reference": "acroread-0:9.4.7-1.el6.i686", "relates_to_product_reference": "6Workstation-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "acroread-plugin-0:9.4.7-1.el6.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary:acroread-plugin-0:9.4.7-1.el6.i686" }, "product_reference": "acroread-plugin-0:9.4.7-1.el6.i686", "relates_to_product_reference": "6Workstation-Supplementary" } ] }, "vulnerabilities": [ { "cve": "CVE-2011-2462", "discovery_date": "2011-12-06T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "760908" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the U3D component in Adobe Reader and Acrobat 10.1.1 and earlier on Windows and Mac OS X, and Adobe Reader 9.x through 9.4.6 on UNIX, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, as exploited in the wild in December 2011.", "title": "Vulnerability description" }, { "category": "summary", "text": "acroread: U3D memory corruption vulnerability (APSB11-30)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-LACD:acroread-0:9.4.7-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.7-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.7-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.7-1.el4.i386", "4ES-LACD:acroread-0:9.4.7-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.7-1.el4.i386", "4WS-LACD:acroread-0:9.4.7-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.7-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.7-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.7-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.7-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.7-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.7-1.el6.i686", "6Client-Supplementary:acroread-plugin-0:9.4.7-1.el6.i686", "6Server-Supplementary:acroread-0:9.4.7-1.el6.i686", "6Server-Supplementary:acroread-plugin-0:9.4.7-1.el6.i686", "6Workstation-Supplementary:acroread-0:9.4.7-1.el6.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.7-1.el6.i686" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2011-2462" }, { "category": "external", "summary": "RHBZ#760908", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=760908" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2011-2462", "url": "https://www.cve.org/CVERecord?id=CVE-2011-2462" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2462", "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2462" }, { "category": "external", "summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog" } ], "release_date": "2011-12-06T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2012-01-10T22:48:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259", "product_ids": [ "4AS-LACD:acroread-0:9.4.7-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.7-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.7-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.7-1.el4.i386", "4ES-LACD:acroread-0:9.4.7-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.7-1.el4.i386", "4WS-LACD:acroread-0:9.4.7-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.7-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.7-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.7-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.7-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.7-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.7-1.el6.i686", "6Client-Supplementary:acroread-plugin-0:9.4.7-1.el6.i686", "6Server-Supplementary:acroread-0:9.4.7-1.el6.i686", "6Server-Supplementary:acroread-plugin-0:9.4.7-1.el6.i686", "6Workstation-Supplementary:acroread-0:9.4.7-1.el6.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.7-1.el6.i686" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2012:0011" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "4AS-LACD:acroread-0:9.4.7-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.7-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.7-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.7-1.el4.i386", "4ES-LACD:acroread-0:9.4.7-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.7-1.el4.i386", "4WS-LACD:acroread-0:9.4.7-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.7-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.7-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.7-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.7-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.7-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.7-1.el6.i686", "6Client-Supplementary:acroread-plugin-0:9.4.7-1.el6.i686", "6Server-Supplementary:acroread-0:9.4.7-1.el6.i686", "6Server-Supplementary:acroread-plugin-0:9.4.7-1.el6.i686", "6Workstation-Supplementary:acroread-0:9.4.7-1.el6.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.7-1.el6.i686" ] } ], "threats": [ { "category": "exploit_status", "date": "2022-06-08T00:00:00+00:00", "details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog" }, { "category": "impact", "details": "Critical" } ], "title": "acroread: U3D memory corruption vulnerability (APSB11-30)" }, { "cve": "CVE-2011-4369", "discovery_date": "2011-12-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "768517" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the PRC component in Adobe Reader and Acrobat 9.x before 9.4.7 on Windows, Adobe Reader and Acrobat 9.x through 9.4.6 on Mac OS X, Adobe Reader and Acrobat 10.x through 10.1.1 on Windows and Mac OS X, and Adobe Reader 9.x through 9.4.6 on UNIX allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, as exploited in the wild in December 2011.", "title": "Vulnerability description" }, { "category": "summary", "text": "acroread: unspecified vulnerability in PRC component (APSB11-30)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-LACD:acroread-0:9.4.7-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.7-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.7-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.7-1.el4.i386", "4ES-LACD:acroread-0:9.4.7-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.7-1.el4.i386", "4WS-LACD:acroread-0:9.4.7-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.7-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.7-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.7-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.7-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.7-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.7-1.el6.i686", "6Client-Supplementary:acroread-plugin-0:9.4.7-1.el6.i686", "6Server-Supplementary:acroread-0:9.4.7-1.el6.i686", "6Server-Supplementary:acroread-plugin-0:9.4.7-1.el6.i686", "6Workstation-Supplementary:acroread-0:9.4.7-1.el6.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.7-1.el6.i686" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2011-4369" }, { "category": "external", "summary": "RHBZ#768517", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=768517" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2011-4369", "url": "https://www.cve.org/CVERecord?id=CVE-2011-4369" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-4369", "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-4369" } ], "release_date": "2011-12-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2012-01-10T22:48:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259", "product_ids": [ "4AS-LACD:acroread-0:9.4.7-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.7-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.7-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.7-1.el4.i386", "4ES-LACD:acroread-0:9.4.7-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.7-1.el4.i386", "4WS-LACD:acroread-0:9.4.7-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.7-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.7-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.7-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.7-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.7-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.7-1.el6.i686", "6Client-Supplementary:acroread-plugin-0:9.4.7-1.el6.i686", "6Server-Supplementary:acroread-0:9.4.7-1.el6.i686", "6Server-Supplementary:acroread-plugin-0:9.4.7-1.el6.i686", "6Workstation-Supplementary:acroread-0:9.4.7-1.el6.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.7-1.el6.i686" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2012:0011" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "4AS-LACD:acroread-0:9.4.7-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.7-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.7-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.7-1.el4.i386", "4ES-LACD:acroread-0:9.4.7-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.7-1.el4.i386", "4WS-LACD:acroread-0:9.4.7-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.7-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.7-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.7-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.7-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.7-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.7-1.el6.i686", "6Client-Supplementary:acroread-plugin-0:9.4.7-1.el6.i686", "6Server-Supplementary:acroread-0:9.4.7-1.el6.i686", "6Server-Supplementary:acroread-plugin-0:9.4.7-1.el6.i686", "6Workstation-Supplementary:acroread-0:9.4.7-1.el6.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.7-1.el6.i686" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "acroread: unspecified vulnerability in PRC component (APSB11-30)" } ] }
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.