Summary
This host is installed with Adobe Reader/Acrobat and is prone to memory corruption vulnerability.
Impact
Successful exploitation will allow attackers to execute arbitrary code in the context of the affected application or cause a denial of service.
Impact Level: Application
Solution
Upgrade to Adobe Reader or Acrobat version 9.4.7 or later.
For updates refer to http://www.adobe.com/
Insight
The flaw is due to an unspecified error while handling U3D data.
Affected
Adobe Reader versions 9.x through 9.4.6 and 10.x through 10.1.1 on Windows.
Adobe Acrobat versions 9.x through 9.4.6 and 10.x through 10.1.1 on Windows.
Detection
Get the installed version with the help of detect NVT and check the version is vulnerable or not.
References
Severity
Classification
-
CVE CVE-2011-2462, CVE-2011-4369 -
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- Adobe Acrobat Multiple Unspecified Vulnerabilities -01 Feb13 (Mac OS X)
- Adobe Flash Player Buffer Overflow Vulnerability - Apr14 (Linux)
- Adobe AIR Multiple Vulnerabilities-01 Jun14 (Windows)
- Adobe Flash Player Arbitrary Code Execution Vulnerability - 01 Feb14 (Linux)
- Adobe Acrobat Multiple Vulnerabilities April-2012 (Mac OS X)