KLA10440
Multiple vulnerabilities in Adobe Acrobat & Reader

Updated: 06/03/2020

Detect date ?	09/09/2014
Severity ?	Critical
Description	Multiple critical vulnerabilities have been found in Adobe Acrobat and Reader. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions, obtain sensitive information, execute arbitrary code and read arbitrary files. Below is a complete list of vulnerabilities use-after-free vulnerability can be exploited via unspecified vectors; Unknown vectors can be exploited via XML external entity declaration; Race conditions can be exploited via an NTFS junction; Unknown vectors can be exploited via JavaScript API; An integer overflow can be exploited via unspecified vectors; Unlnown vectors can be exploited remotely; Heap based buffer overflow can be exploited via unknown vectors.
Affected products	Adobe Reader XI 11.0.09 and earlier Adobe Reader X 10.1.12 and earlier Adobe Acrobat XI 11.0.09 and earlier Adobe Acrobat X 10.1.12 and earlier
Solution	Update to latest version Get reader
Original advisories	APSB
Impacts ?	ACE [?] OSI [?] DoS [?] SB [?] RLF [?]
Related products	Adobe Reader Adobe Acrobat Adobe Reader X Adobe Acrobat X Adobe Reader XI Adobe Acrobat XI
CVE-IDS ?	CVE-2014-84525.0Critical CVE-2014-84535.0Critical CVE-2014-91506.4High CVE-2014-84485.0Critical CVE-2014-84515.0Critical
	Find out the statistics of the vulnerabilities spreading in your region

KLA10440Multiple vulnerabilities in Adobe Acrobat & Reader