CERT-MU AD-2010-13
Multiple Remote Code Execution Vulnerabilities in Adobe Acrobat and Reader
Original issue date: 27 July, 2010
Overview
Multiple vulnerabilities have been reported in Adobe Acrobat and Reader. A remote attacker who exploits them could execute arbitrary code and take complete control of a system running a vulnerable version of the software.
Description
Multiple vulnerabilities have been reported in Adobe Reader and Acrobat which could allow a remote attacker to cause a denial of service or compromise a vulnerable system.
These vulnerabilities stem from memory corruption, invalid pointer, uninitialized memory, array-indexing and use-after-free errors that occur while the application processes malformed data in a specially crafted PDF document. One of them, CVE-2010-1297, lies in the Flash Player component bundled with Reader and Acrobat (authplay.dll) and was already being exploited in the wild when Adobe published advisory APSA10-01.
A remote attacker could exploit these vulnerabilities by luring a user into opening a specially crafted PDF document, delivered as an email attachment or hosted on a purposely crafted web page or website. When Reader or Acrobat processes the malformed data, the application may crash (denial of service) or execute arbitrary code, giving the attacker access to the system with the privileges of the currently logged-in user.
Workarounds
- Do not open PDF files received from untrusted or unknown sources
- Do not open PDF files that arrive unexpectedly, even from trusted sources
- Disable JavaScript in Adobe Reader and Acrobat (Edit > Preferences > JavaScript) and disable ActiveX scripting in the browser
- Exercise caution when following website links received in emails
- Disable displaying and automatic opening of PDF documents in the web browser
- For the Flash-related issue (CVE-2010-1297), APSA10-01 notes that deleting, renaming or removing access to authplay.dll mitigates the threat; PDF files containing SWF content will then fail to render or produce a non-exploitable crash
- Enable Adobe's automatic update feature and apply updates promptly
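As an added example, not part of the CERT-MU advisory and not Adobe's code: a static triage that flags the PDF features these attacks relied on before a file from an untrusted source is opened: JavaScript and auto-run actions, launch actions (the vector CVE-2010-1240 addressed) and embedded Flash or rich media (the CVE-2010-1297 path). The keyword set, the sample PDF fragments and the verdict wording are this example's own assumptions. It normalises PDF #xx name escapes so that /Ja#76aScript is recognised as /JavaScript, and it reports a scan as inconclusive when object streams are present, since those hold dictionaries in compressed form that a plain text scan cannot see.

```python
"""Static triage of a PDF for auto-executing features (example code, not
Adobe's). A clean result is not proof of safety; patching per APSB10-15 is."""
import re
from collections import Counter

# Name tokens worth flagging. Which names to flag is an assumption of this
# example; the comment on each is why it matters for this class of attack.
RISKY = {
    b"JavaScript": "embedded JavaScript",
    b"JS": "inline JavaScript string/stream",
    b"OpenAction": "action executed when the document opens",
    b"AA": "additional actions (page/field event triggers)",
    b"Launch": "launch action (runs an external program)",
    b"RichMedia": "embedded Flash / rich media annotation",
    b"EmbeddedFile": "embedded file stream",
}
# Object streams carry other objects' dictionaries in compressed form, so a
# file that uses them can hide every name above from a plain text scan.
OPAQUE = b"ObjStm"

# A PDF name is '/' followed by regular characters (no whitespace or delimiters).
NAME_RE = re.compile(rb"/([^\s()<>\[\]{}/%]*)")
HEX_RE = re.compile(rb"#([0-9A-Fa-f]{2})")


def decode_name(raw: bytes) -> bytes:
    """Undo PDF #xx name escapes so /Ja#76aScript equals /JavaScript."""
    return HEX_RE.sub(lambda m: bytes([int(m.group(1), 16)]), raw)


def scan_pdf(data: bytes) -> dict:
    """Count risky name tokens in a PDF byte string.

    Returns {"hits": Counter, "opaque": bool}; 'opaque' is True when object
    streams are present, meaning a zero hit count is not conclusive.
    """
    hits = Counter()
    opaque = False
    for m in NAME_RE.finditer(data):
        name = decode_name(m.group(1))
        if name in RISKY:
            hits[name.decode()] += 1
        elif name == OPAQUE:
            opaque = True
    return {"hits": hits, "opaque": opaque}


def verdict(result: dict) -> str:
    """Turn a scan result into a one-line handling decision."""
    hits, opaque = result["hits"], result["opaque"]
    if not hits:
        return ("inconclusive: object streams present, decompress before judging"
                if opaque else "no auto-executing features found")
    reasons = ", ".join(f"{k} x{v} ({RISKY[k.encode()]})"
                        for k, v in sorted(hits.items()))
    return "do not open: " + reasons


# Constructed sample inputs (not real malware, not complete renderable PDFs).
BENIGN = b"%PDF-1.4\n1 0 obj\n<< /Type /Catalog /Pages 2 0 R >>\nendobj\n%%EOF\n"

# Auto-run JavaScript with a hex-escaped name that a naive grep would miss.
SUSPICIOUS = (
    b"%PDF-1.4\n"
    b"1 0 obj\n<< /Type /Catalog /Pages 2 0 R /OpenAction 3 0 R >>\nendobj\n"
    b"3 0 obj\n<< /S /Ja#76aScript /JS (app.alert(1);) >>\nendobj\n"
    b"%%EOF\n"
)

if __name__ == "__main__":
    for label, sample in (("benign", BENIGN), ("suspicious", SUSPICIOUS)):
        print(f"{label}: {verdict(scan_pdf(sample))}")
```

Run against a real file with `scan_pdf(open(path, "rb").read())`. Because the match is on decoded name tokens rather than raw substrings, the common `/Ja#76aScript` obfuscation does not evade it; compressed object streams still do, which is why the script refuses to call such a file clean.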
Affected Software
- Adobe Reader 9.3.2 and earlier versions for
  - Microsoft Windows
  - Macintosh
  - UNIX
- Adobe Acrobat 9.3.2 and earlier versions for
  - Microsoft Windows
  - Macintosh
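As an added example, not part of the CERT-MU advisory and not Adobe's code: a check that decides which installs in a software inventory fall under the advisory's "9.3.2 and earlier" wording, comparing versions numerically so that a four-part build or a higher minor number is not misjudged by string comparison. It assumes 9.3.3 as the first 9.x build containing the APSB10-15 fixes (stated in the Adobe bulletin); the inventory and hostnames are constructed for illustration.

```python
"""Flag Reader/Acrobat installs affected by APSB10-15 (example code, not
Adobe's). Input is a constructed inventory of (host, product, platform, version)."""

# Platforms the advisory lists for each product.
AFFECTED_PLATFORMS = {
    "Adobe Reader": {"Windows", "Macintosh", "UNIX"},
    "Adobe Acrobat": {"Windows", "Macintosh"},
}
# First 9.x build that contains the APSB10-15 fixes (from the Adobe bulletin).
FIXED_9X = (9, 3, 3)


def parse_version(text: str) -> tuple:
    """'9.3.10' -> (9, 3, 10). Numeric tuples avoid the string-compare trap
    where '9.3.10' < '9.3.2'."""
    return tuple(int(part) for part in text.strip().split("."))


def is_affected(product: str, platform: str, version: str) -> bool:
    """True when the install is in the advisory's affected set.

    Anything below 9.3.3 is 'equal to or earlier than 9.3.2', which also
    covers 8.x installs (those have their own fixed build in APSB10-15).
    Comparing against the fixed build rather than '<= (9, 3, 2)' keeps a
    four-part build such as 9.3.2.1 on the affected side.
    """
    if product not in AFFECTED_PLATFORMS:
        raise ValueError(f"not covered by this advisory: {product}")
    if platform not in AFFECTED_PLATFORMS[product]:
        raise ValueError(f"{product} is not listed for {platform}")
    return parse_version(version) < FIXED_9X


def needs_patch(inventory):
    """Return hostnames whose install is affected, in inventory order."""
    return [host for host, product, platform, version in inventory
            if is_affected(product, platform, version)]


# Constructed inventory for illustration (hostnames are made up).
INVENTORY = [
    ("ws-01", "Adobe Reader", "Windows", "9.3.2"),
    ("ws-02", "Adobe Reader", "Windows", "9.3.3"),
    ("mac-01", "Adobe Acrobat", "Macintosh", "9.1.0"),
    ("srv-01", "Adobe Reader", "UNIX", "8.2.2"),
    ("ws-03", "Adobe Reader", "Windows", "9.3.2.1"),
]

if __name__ == "__main__":
    for host in needs_patch(INVENTORY):
        print(f"{host}: update per APSB10-15")
```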
Impact
Severity Rating: High
Solution
Install the updates described in Adobe Security Bulletin APSB10-15 (Adobe Reader and Acrobat 9.3.3 for the 9.x branch; the bulletin also lists the corresponding 8.x update).
Disclaimer
The information provided herein is on an "as is" basis, without warranty of any kind.
Vendor Information
Adobe Security Bulletin
http://www.adobe.com/support/security/bulletins/apsb10-15.html
CVE Names
CVE-2010-1240
CVE-2010-1285
CVE-2010-1295
CVE-2010-1297
CVE-2010-2168
CVE-2010-2201
CVE-2010-2202
CVE-2010-2203
CVE-2010-2204
CVE-2010-2205
CVE-2010-2206
CVE-2010-2207
CVE-2010-2208
CVE-2010-2209
CVE-2010-2210
CVE-2010-2211
CVE-2010-2212
References
Adobe
http://www.adobe.com/support/security/bulletins/apsb10-15.html
http://www.adobe.com/support/security/advisories/apsa10-01.html
CERT-In
http://www.cert-in.org.in/vulnerability/civn-2010-146.htm
US-CERT
http://www.us-cert.gov/cas/alerts/SA10-159A.html
SecurityTracker
http://securitytracker.com/alerts/2010/Jun/1024159.html
F-Secure
http://www.f-secure.com/vulnerabilities/SA201006476
SecurityFocus
http://www.securityfocus.com/bid/41232
http://www.securityfocus.com/bid/41230
http://www.securityfocus.com/bid/40586
http://www.securityfocus.com/bid/41236
http://www.securityfocus.com/bid/41237
http://www.securityfocus.com/bid/41234
http://www.securityfocus.com/bid/41235
http://www.securityfocus.com/bid/41231
http://www.securityfocus.com/bid/41238
http://www.securityfocus.com/bid/41241
http://www.securityfocus.com/bid/41239
http://www.securityfocus.com/bid/41244
http://www.securityfocus.com/bid/41240
http://www.securityfocus.com/bid/41242
http://www.securityfocus.com/bid/41243
http://www.securityfocus.com/bid/41245