KLA10440
Multiple vulnerabilities in Adobe Acrobat & Reader
Updated: 06/01/2019
Detect date
?
09/09/2014
Severity
?
Critical
Description

Multiple critical vulnerabilities have been found in Adobe Acrobat and Reader. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions, obtain sensitive information, execute arbitrary code and read arbitrary files.

Below is a complete list of vulnerabilities

  1. use-after-free vulnerability can be exploited via unspecified vectors;
  2. Unknown vectors can be exploited via XML external entity declaration;
  3. Race conditions can be exploited via an NTFS junction;
  4. Unknown vectors can be exploited via JavaScript API;
  5. An integer overflow can be exploited via unspecified vectors;
  6. Unlnown vectors can be exploited remotely;
  7. Heap based buffer overflow can be exploited via unknown vectors.
Affected products

Adobe Reader XI 11.0.09 and earlier
Adobe Reader X 10.1.12 and earlier
Adobe Acrobat XI 11.0.09 and earlier
Adobe Acrobat X 10.1.12 and earlier

Solution

Update to latest version
Get reader

Original advisories

APSB

Impacts
?
ACE 
[?]

OSI 
[?]

DoS 
[?]

SB 
[?]

RLF 
[?]
Related products
Adobe Reader
Adobe Acrobat
Adobe Reader X
Adobe Acrobat X
Adobe Reader XI
Adobe Acrobat XI
CVE-IDS
?
CVE-2014-844510.0Critical
CVE-2014-916510.0Critical
CVE-2014-84525.0Critical
CVE-2014-84535.0Critical
CVE-2014-91506.4High
CVE-2014-844610.0Critical
CVE-2014-844710.0Critical
CVE-2014-84485.0Critical
CVE-2014-845610.0Critical
CVE-2014-845410.0Critical
CVE-2014-845510.0Critical
CVE-2014-84515.0Critical
CVE-2014-844910.0Critical
CVE-2014-845710.0Critical
CVE-2014-845810.0Critical
CVE-2014-846010.0Critical
CVE-2014-845910.0Critical
CVE-2014-846110.0Critical
CVE-2014-915810.0Critical
CVE-2014-915910.0Critical