KLA10440
Multiple vulnerabilities in Adobe Acrobat & Reader
Обновлено: 17/06/2019
Дата обнаружения
09/09/2014
Уровень угрозы
Critical
Описание

Multiple critical vulnerabilities have been found in Adobe Acrobat and Reader. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions, obtain sensitive information, execute arbitrary code and read arbitrary files.

Below is a complete list of vulnerabilities

  1. use-after-free vulnerability can be exploited via unspecified vectors;
  2. Unknown vectors can be exploited via XML external entity declaration;
  3. Race conditions can be exploited via an NTFS junction;
  4. Unknown vectors can be exploited via JavaScript API;
  5. An integer overflow can be exploited via unspecified vectors;
  6. Unlnown vectors can be exploited remotely;
  7. Heap based buffer overflow can be exploited via unknown vectors.
Пораженные продукты

Adobe Reader XI 11.0.09 and earlier
Adobe Reader X 10.1.12 and earlier
Adobe Acrobat XI 11.0.09 and earlier
Adobe Acrobat X 10.1.12 and earlier

Решение

Update to latest version
Get reader

Первичный источник обнаружения
APSB
Оказываемое влияние
?
ACE 
[?]

OSI 
[?]

DoS 
[?]

SB 
[?]

RLF 
[?]
Связанные продукты
Adobe Reader
Adobe Acrobat
Adobe Reader X
Adobe Acrobat X
Adobe Reader XI
Adobe Acrobat XI
CVE-IDS
CVE-2014-844510.0Critical
CVE-2014-916510.0Critical
CVE-2014-84525.0Critical
CVE-2014-84535.0Critical
CVE-2014-91506.4High
CVE-2014-844610.0Critical
CVE-2014-844710.0Critical
CVE-2014-84485.0Critical
CVE-2014-845610.0Critical
CVE-2014-845410.0Critical
CVE-2014-845510.0Critical
CVE-2014-84515.0Critical
CVE-2014-844910.0Critical
CVE-2014-845710.0Critical
CVE-2014-845810.0Critical
CVE-2014-846010.0Critical
CVE-2014-845910.0Critical
CVE-2014-846110.0Critical
CVE-2014-915810.0Critical
CVE-2014-915910.0Critical