Kaspersky Threats

KLA10734
Multiple vulnerabilities in Adobe products

Обновлено: 15/02/2019

Дата обнаружения	12/01/2016
Уровень угрозы	Critical
Описание	Multiple serious vulnerabilities have been found in Adobe products. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions or execute arbitrary code. Below is a complete list of vulnerabilities Untrusted search path vulnerability at Adobe Download Manager can be exploited locally to gain privileges via a specially designed resources; An unknown vulnerability can be exploited to cause denial of service or execute arbitrary code; Improper Global object handling can be exploited to bypass JavaScript API restrictions; Use-after-free vulnerability at Search, Doc and AGM can be exploited to execute arbitrary code; Double free vulnerability can be exploited to execute arbitrary code via a specially designed ExtGState dictionary.
Пораженные продукты	Adobe Acrobat DC Continuous versions earlier than 15.010.20056 Adobe Acrobat Reader DC Continuous versions earlier than 15.010.20056 Adobe Acrobat DC Classic versions earlier than 15.006.30119 Adobe Acrobat Reader DC Classic versions earlier than 15.006.30119 Adobe Acrobat XI versions earlier than 11.0.14 Adobe Reader XI versions earlier than 11.0.14
Решение	Update to the latest version Get Adobe Reader
Первичный источник обнаружения	Adobe security bulletin
Оказываемое влияние ?	ACE [?] DoS [?] SB [?]
Связанные продукты	Adobe Reader X Adobe Acrobat X Adobe Reader XI Adobe Acrobat XI Adobe Acrobat Reader DC Continuous Adobe Acrobat Reader DC Classic Adobe Acrobat DC Continuous Adobe Acrobat DC Classic
CVE-IDS	CVE-2016-0931 CVE-2016-0932 CVE-2016-0933 CVE-2016-0934 CVE-2016-0935 CVE-2016-0936 CVE-2016-0937 CVE-2016-0938 CVE-2016-0939 CVE-2016-0940 CVE-2016-0941 CVE-2016-0942 CVE-2016-0943 CVE-2016-0944 CVE-2016-0945 CVE-2016-0946 CVE-2016-0947