Adobe Reader authplay.dll Handling Vulnerability (19/08/10) Aggiornate alla 9.3.4

ERCOLINO

ERCOLINO

Membro dello Staff
Amministratore
Registrato
3 Marzo 2003
Messaggi
252.383
Località
Torino
Adobe Reader/Acrobat authplay.dll AVM2 "newfunction" Handling Vulnerability

Secunia Advisory SA40034
Release Date 2010-06-05
Last Update 2010-06-08



Criticality level: Extremely critical
img_5.gif

Impact : System access
Where : From remote

Solution Status Vendor Patch

Software:
Adobe Acrobat 3D 8.x
Adobe Acrobat 8 Professional
Adobe Acrobat 8.x
Adobe Acrobat 9.x
Adobe Reader 8.x
Adobe Reader 9.x


Bollettino Secunia




Aggiornate alla 9.3.3

Bollettino Sicurezza Adobe


Avevo già riportato alcune info al riguardo in una discussione sul forum ,riguarda anche le flash player che hanno risolto con la versione 10.1

Dettagli
 
Adobe Reader/Acrobat Multiple Vulnerabilities (Aggiornate 19/08/10)

Adobe Reader/Acrobat Multiple Vulnerabilities

Secunia Advisory SA40766
Release Date 2010-08-04
Last Update 2010-08-19

Criticality level :Highly critical
Impact: System access
Where : From remote
Solution Status : Vendor Patch




Software:
Adobe Acrobat 3D 8.x
Adobe Acrobat 8 Professional
Adobe Acrobat 8.x
Adobe Acrobat 9.x
Adobe Reader 8.x
Adobe Reader 9.x

Description
Multiple vulnerabilities have been reported in in Adobe Reader / Acrobat, which can be exploited by malicious people to compromise a user's system.

1) The application bundles a vulnerable version of Flash Player (authplay.dll).

For more information:
SA40907

2) An integer overflow error in CoolType.dll when parsing the "maxCompositePoints" field value in the "maxp" (Maximum Profile) table of a TrueType font can be exploited to corrupt memory via a PDF file containing a specially crafted TrueType font.

Successful exploitation may allow execution of arbitrary code.

The vulnerability is confirmed in Adobe Reader versions 8.2.3 and 9.3.3 and Adobe Acrobat version 9.3.3. Prior versions may also be affected.

Solution
Update to version 9.3.4 or 8.2.4.

Bollettino di Sicurezza
 
Devi accedere o registrarti per poter rispondere.
Indietro
Alto Basso