Adobe Reader 'U3D' Component Memory Corruption Vulnerability - Linux Network Vulnerability

Summary

This host is installed with Adobe Reader and is prone to memory corruption vulnerability.

Impact

Successful exploitation will allow attackers to execute arbitrary code in the context of the affected application or cause a denial of service. Impact Level: Application

Solution

Upgrade to Adobe Reader version 9.4.7 or later, For updates refer to http://www.adobe.com/

Insight

The flaw is due to an unspecified error while handling U3D data.

Affected

Adobe Reader versions 9.x through 9.4.6 on Linux

Detection

Get the installed version with the help of detect NVT and check the version is vulnerable or not.

References

http://secunia.com/advisories/47133/
http://www.adobe.com/support/security/advisories/apsa11-04.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2011-2462, CVE-2011-4369

CVSS	Base Score: 10.0 AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Adobe Air Code Execution and DoS Vulnerabilities (Windows)
Adobe Acrobat and Reader Multiple Vulnerabilities -Oct10 (Windows)
Adobe Air Multiple Vulnerabilities - October 12 (Mac OS X)
Adobe AIR Multiple Vulnerabilities-01 Jan15 (Mac OS X)
Adobe Flash Player Arbitrary Code Execution Vulnerability - 01 Feb14 (Windows)

Take action and discover your vulnerabilities