Summary
This host is installed with Adobe Reader/Acrobat and is prone to memory corruption vulnerability.
Impact
Successful exploitation will allow attackers to execute arbitrary code in the context of the affected application or cause a denial of service.
Impact Level: Application
Solution
Upgrade to Adobe Reader version 9.4.7 or 10.1.2 or later, Upgrade to Adobe Acrobat version 9.4.7 or 10.1.2 or later, For updates refer to http://www.adobe.com/
Insight
The flaw is due to an unspecified error while handling U3D data.
Affected
Adobe Reader versions 9.x through 9.4.6 and 10.x through 10.1.1 on Mac OS X Adobe Acrobat versions 9.x through 9.4.6 and 10.x through 10.1.1 on Mac OS X
Detection
Get the installed version with the help of detect NVT and check the version is vulnerable or not.
References
Severity
Classification
-
CVE CVE-2011-2462, CVE-2011-4369 -
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- Adobe Flash Player Code Execution and DoS Vulnerabilities (Linux)
- Adobe Air Multiple Vulnerabilities - December12 (Windows)
- Active Perl Locale::Maketext Module Multiple Code Injection Vulnerabilities (Windows)
- Adobe Acrobat and Reader PDF Handling Code Execution Vulnerability (Windows)
- Aastra IP Telephone Hardcoded Telnet Password Security Bypass Vulnerability