Summary
This host is installed with Adobe Acrobat and is prone to multiple vulnerabilities.
Impact
Successful exploitation will let attackers to bypass certain security restrictions, execute arbitrary code via unspecified vectors or cause a denial of service.
Impact Level: System/Application
Solution
Upgrade to Adobe Acrobat version 9.5.1 or 10.1.3 on later, For updates refer to http://www.adobe.com
Insight
The flaws are due to
- An unspecified error when handling JavaScript/JavaScript API can be exploited to corrupt memory.
- An integer overflow error when handling True Type Font (TTF) can be exploited to corrupt memory.
- The application loads executables (msiexec.exe) in an insecure manner.
Affected
Adobe Acrobat version 9.x to 9.5 and prior and 10.x to 10.1.2 on Windows
References
Severity
Classification
-
CVE CVE-2012-0774, CVE-2012-0775, CVE-2012-0776 -
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities