Action not permitted
Modal body text goes here.
CVE-2011-0595
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T21:58:25.861Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "ADV-2011-0492", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2011/0492" }, { "name": "43470", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/43470" }, { "name": "RHSA-2011:0301", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2011-0301.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-11-070/" }, { "name": "ADV-2011-0337", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2011/0337" }, { "name": "1025033", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id?1025033" }, { "name": "20110208 ZDI-11-070: Adobe Acrobat Reader U3D Texture .fli RLE Decompression Remote Code Execution Vulnerability", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/516312" }, { "name": "oval:org.mitre.oval:def:12500", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12500" }, { "name": "46212", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/46212" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.adobe.com/support/security/bulletins/apsb11-03.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2011-02-08T00:00:00", "descriptions": [ { "lang": "en", "value": "Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via a crafted Universal 3D (U3D) file that triggers a buffer overflow during decompression, a different vulnerability than CVE-2011-0590, CVE-2011-0591, CVE-2011-0592, CVE-2011-0593, and CVE-2011-0600." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-09-18T12:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe" }, "references": [ { "name": "ADV-2011-0492", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2011/0492" }, { "name": "43470", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/43470" }, { "name": "RHSA-2011:0301", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2011-0301.html" }, { "tags": [ "x_refsource_MISC" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-11-070/" }, { "name": "ADV-2011-0337", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2011/0337" }, { "name": "1025033", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id?1025033" }, { "name": "20110208 ZDI-11-070: Adobe Acrobat Reader U3D Texture .fli RLE Decompression Remote Code Execution Vulnerability", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/516312" }, { "name": "oval:org.mitre.oval:def:12500", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12500" }, { "name": "46212", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/46212" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.adobe.com/support/security/bulletins/apsb11-03.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2011-0595", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via a crafted Universal 3D (U3D) file that triggers a buffer overflow during decompression, a different vulnerability than CVE-2011-0590, CVE-2011-0591, CVE-2011-0592, CVE-2011-0593, and CVE-2011-0600." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "ADV-2011-0492", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2011/0492" }, { "name": "43470", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/43470" }, { "name": "RHSA-2011:0301", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2011-0301.html" }, { "name": "http://www.zerodayinitiative.com/advisories/ZDI-11-070/", "refsource": "MISC", "url": "http://www.zerodayinitiative.com/advisories/ZDI-11-070/" }, { "name": "ADV-2011-0337", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2011/0337" }, { "name": "1025033", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1025033" }, { "name": "20110208 ZDI-11-070: Adobe Acrobat Reader U3D Texture .fli RLE Decompression Remote Code Execution Vulnerability", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/516312" }, { "name": "oval:org.mitre.oval:def:12500", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12500" }, { "name": "46212", "refsource": "BID", "url": "http://www.securityfocus.com/bid/46212" }, { "name": "http://www.adobe.com/support/security/bulletins/apsb11-03.html", "refsource": "CONFIRM", "url": "http://www.adobe.com/support/security/bulletins/apsb11-03.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2011-0595", "datePublished": "2011-02-10T17:00:00", "dateReserved": "2011-01-20T00:00:00", "dateUpdated": "2024-08-06T21:58:25.861Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2011-0595\",\"sourceIdentifier\":\"psirt@adobe.com\",\"published\":\"2011-02-10T18:00:58.643\",\"lastModified\":\"2018-10-30T16:25:16.967\",\"vulnStatus\":\"Modified\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via a crafted Universal 3D (U3D) file that triggers a buffer overflow during decompression, a different vulnerability than CVE-2011-0590, CVE-2011-0591, CVE-2011-0592, CVE-2011-0593, and CVE-2011-0600.\"},{\"lang\":\"es\",\"value\":\"Adobe Reader y Acrobat v10.x anterior a v10.0.1, v9.x anterior a v9.4.2, y v8.x anterior a v8.2.6 en Windows y Mac OS X permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un archivo 3D, una vulnerabilidad diferente de CVE-2011-0590, CVE-2011-0591, CVE-2011-0592, CVE-2011-0593, y CVE-2011-0600.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:C/I:C/A:C\",\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\",\"baseScore\":9.3},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":8.6,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"996EB48E-D2A8-49E4-915A-EBDE26A9FB94\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:8.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"97E20936-EE31-4CEB-A710-3165A28BAD69\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:8.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5BD9952C-A1D0-4DFB-A292-9B86D7EAE5FD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:8.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C5BEA847-A71E-4336-AB67-B3C38847C1C3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:8.1.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"39F6994B-6969-485B-9286-2592B11A47BF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:8.1.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FC533775-B52E-43F0-BF19-1473BE36232D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:8.1.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"18D1C85E-42CC-46F2-A7B6-DAC3C3995330\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:8.1.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C4670451-511E-496C-A78A-887366E1E992\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:8.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1A2A4F62-7AB5-4134-9A65-4B4E1EA262A3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:8.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"35994F76-CD13-4301-9134-FC0CBEA37D97\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:8.2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0FB61191-F955-4DE6-A86B-36E031DE1F99\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:8.2.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E32D68D5-6A79-454B-B14F-9BC865413E3B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:8.2.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2A57581C-A139-41C3-B9DB-0C4CFA7A1BB2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"562772F1-1627-438E-A6B8-7D1AA5536086\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:9.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"27D5AF92-A8E1-41BD-B20A-EB26BB6AD4DE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:9.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F25C9167-C6D4-4264-9197-50878EDA2D96\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:9.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DD1D7308-09E9-42B2-8836-DC2326C62A9E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:9.1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B5C251D2-4C9B-4029-8BED-0FCAED3B8E89\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:9.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2432AC17-5378-4C61-A775-5172FD44EC03\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:9.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B6BA82F4-470D-4A46-89B2-D2F3C8FA31C8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:9.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"39EDED39-664F-4B68-B422-2CCCA3B83550\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:9.3.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B508C5CE-1386-47B3-B301-B78DBB3A75D9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:9.3.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DDC2EEB6-D5EC-430F-962A-1279C9970441\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:9.3.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8DC590C7-5BDE-4E46-9605-01E95B17F01F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:9.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DCFE67F4-6907-4967-96A3-1757EADA72BB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:9.4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"41DFBB39-4BC6-48BB-B66E-99DA4C7DBCE4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9731EFE2-A5BE-4389-A92D-DDC573633B6C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0FF5999A-9D12-4CDD-8DE9-A89C10B2D574\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2CF61F35-5905-4BA9-AD7E-7DB261D2F256\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"26AE76F7-D7F6-4AF2-A5C6-708B5642C288\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:8.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"749FFB51-65D4-4A4B-95F3-742440276897\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:8.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C8665E53-EC1E-4B95-9064-2565BC12113E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:8.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"24218FDA-F9DA-465A-B5D5-76A55C7EE04E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:8.1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E2C5F1C5-85CD-47B9-897F-E51D6902AF72\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:8.1.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E0E190FF-3EBC-44AB-8072-4D964E843E8A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:8.1.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6A624D44-C135-4ED3-9BA4-F4F8A044850B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:8.1.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B95C0A99-42E4-40A9-BF61-507E4E4DC052\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:8.1.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3B9F55CC-3681-4A67-99D1-3F40447392D5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:8.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A9C0AC89-804B-44A1-929A-118993B6BAA7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:8.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"39B174C3-1BA6-4654-BFA4-CC126454E147\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:8.2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6ACDAA2B-3977-4590-9F16-5DDB6FF6545B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:8.2.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BB7C4E07-0909-4114-BBFB-92626AFC49BB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:8.2.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7832B75B-7868-44DE-A9A4-CBD9CC117DB4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5AA53564-9ACD-4CFB-9AAC-A77440026A57\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:9.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C7EC46E3-77B7-4455-B3E0-A45C6B69B3DC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:9.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4F475858-DCE2-4C93-A51A-04718DF17593\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:9.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"88687272-4CD0-42A2-B727-C322ABDE3549\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:9.1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1E5C4FA4-3786-47AF-BD7D-8E75927EB3AA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:9.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B35CC915-EEE3-4E86-9E09-1893C725E07B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:9.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"76201694-E5C5-4CA3-8919-46937AFDAAE3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:9.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"397AB988-1C2C-4247-9B34-806094197CB5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:9.3.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8FA0B8C3-8060-4685-A241-9852BD63B7A0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:9.3.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4AB9BBDE-634A-47CF-BA49-67382B547900\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:9.3.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F56B1726-4F05-4732-9D8B-077EF593EAEC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:9.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A258374F-55CB-48D2-9094-CD70E1288F60\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:9.4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"627B0DA4-E600-49F1-B455-B4E151B33236\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B57C5136-7853-478B-A342-6013528B41B4\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0FF5999A-9D12-4CDD-8DE9-A89C10B2D574\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2CF61F35-5905-4BA9-AD7E-7DB261D2F256\"}]}]}],\"references\":[{\"url\":\"http://secunia.com/advisories/43470\",\"source\":\"psirt@adobe.com\"},{\"url\":\"http://www.adobe.com/support/security/bulletins/apsb11-03.html\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2011-0301.html\",\"source\":\"psirt@adobe.com\"},{\"url\":\"http://www.securityfocus.com/archive/1/516312\",\"source\":\"psirt@adobe.com\"},{\"url\":\"http://www.securityfocus.com/bid/46212\",\"source\":\"psirt@adobe.com\"},{\"url\":\"http://www.securitytracker.com/id?1025033\",\"source\":\"psirt@adobe.com\"},{\"url\":\"http://www.vupen.com/english/advisories/2011/0337\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2011/0492\",\"source\":\"psirt@adobe.com\"},{\"url\":\"http://www.zerodayinitiative.com/advisories/ZDI-11-070/\",\"source\":\"psirt@adobe.com\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12500\",\"source\":\"psirt@adobe.com\"}]}}" } }
rhsa-2011_0301
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Critical" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Updated acroread packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 4 Extras and Red Hat Enterprise\nLinux 5 and 6 Supplementary.\n\nThe Red Hat Security Response Team has rated this update as having critical\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section.", "title": "Topic" }, { "category": "general", "text": "Adobe Reader allows users to view and print documents in Portable Document\nFormat (PDF).\n\nThis update fixes multiple vulnerabilities in Adobe Reader. These\nvulnerabilities are detailed on the Adobe security page APSB11-03, listed\nin the References section.\n\nA specially-crafted PDF file could cause Adobe Reader to crash or,\npotentially, execute arbitrary code as the user running Adobe Reader when\nopened. (CVE-2011-0562, CVE-2011-0563, CVE-2011-0565, CVE-2011-0566,\nCVE-2011-0567, CVE-2011-0585, CVE-2011-0586, CVE-2011-0589, CVE-2011-0590,\nCVE-2011-0591, CVE-2011-0592, CVE-2011-0593, CVE-2011-0594, CVE-2011-0595,\nCVE-2011-0596, CVE-2011-0598, CVE-2011-0599, CVE-2011-0600, CVE-2011-0602,\nCVE-2011-0603, CVE-2011-0606)\n\nMultiple security flaws were found in Adobe reader. A specially-crafted PDF\nfile could cause cross-site scripting (XSS) attacks against the user\nrunning Adobe Reader when opened. (CVE-2011-0587, CVE-2011-0604)\n\nAll Adobe Reader users should install these updated packages. They contain\nAdobe Reader version 9.4.2, which is not vulnerable to these issues. All\nrunning instances of Adobe Reader must be restarted for the update to take\neffect.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2011:0301", "url": "https://access.redhat.com/errata/RHSA-2011:0301" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#critical", "url": "https://access.redhat.com/security/updates/classification/#critical" }, { "category": "external", "summary": "http://www.adobe.com/support/security/bulletins/apsb11-03.html", "url": "http://www.adobe.com/support/security/bulletins/apsb11-03.html" }, { "category": "external", "summary": "676157", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=676157" }, { "category": "external", "summary": "676158", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=676158" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2011/rhsa-2011_0301.json" } ], "title": "Red Hat Security Advisory: acroread security update", "tracking": { "current_release_date": "2024-11-14T11:28:33+00:00", "generator": { "date": "2024-11-14T11:28:33+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.0" } }, "id": "RHSA-2011:0301", "initial_release_date": "2011-02-23T21:16:00+00:00", "revision_history": [ { "date": "2011-02-23T21:16:00+00:00", "number": "1", "summary": "Initial version" }, { "date": "2011-02-23T16:17:46+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-14T11:28:33+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux AS version 4 Extras", "product": { "name": "Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:4" } } }, { "category": "product_name", "name": "Red Hat Desktop version 4 Extras", "product": { "name": "Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:4" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux ES version 4 Extras", "product": { "name": "Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:4" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux WS version 4 Extras", "product": { "name": "Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:4" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product": { "name": "Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:5::client" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Server Supplementary (v. 5)", "product": { "name": "Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:5::server" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product": { "name": "Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:6" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Server Supplementary (v. 6)", "product": { "name": "Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:6" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product": { "name": "Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:6" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux Supplementary" }, { "branches": [ { "category": "product_version", "name": "acroread-0:9.4.2-1.el4.i386", "product": { "name": "acroread-0:9.4.2-1.el4.i386", "product_id": "acroread-0:9.4.2-1.el4.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/acroread@9.4.2-1.el4?arch=i386" } } }, { "category": "product_version", "name": "acroread-plugin-0:9.4.2-1.el4.i386", "product": { "name": "acroread-plugin-0:9.4.2-1.el4.i386", "product_id": "acroread-plugin-0:9.4.2-1.el4.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/acroread-plugin@9.4.2-1.el4?arch=i386" } } }, { "category": "product_version", "name": "acroread-0:9.4.2-1.el5.i386", "product": { "name": "acroread-0:9.4.2-1.el5.i386", "product_id": "acroread-0:9.4.2-1.el5.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/acroread@9.4.2-1.el5?arch=i386" } } }, { "category": "product_version", "name": "acroread-plugin-0:9.4.2-1.el5.i386", "product": { "name": "acroread-plugin-0:9.4.2-1.el5.i386", "product_id": "acroread-plugin-0:9.4.2-1.el5.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/acroread-plugin@9.4.2-1.el5?arch=i386" } } } ], "category": "architecture", "name": "i386" }, { "branches": [ { "category": "product_version", "name": "acroread-plugin-0:9.4.2-3.el6_0.i686", "product": { "name": "acroread-plugin-0:9.4.2-3.el6_0.i686", "product_id": "acroread-plugin-0:9.4.2-3.el6_0.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/acroread-plugin@9.4.2-3.el6_0?arch=i686" } } }, { "category": "product_version", "name": "acroread-0:9.4.2-3.el6_0.i686", "product": { "name": "acroread-0:9.4.2-3.el6_0.i686", "product_id": "acroread-0:9.4.2-3.el6_0.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/acroread@9.4.2-3.el6_0?arch=i686" } } } ], "category": "architecture", "name": "i686" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "acroread-0:9.4.2-1.el4.i386 as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:acroread-0:9.4.2-1.el4.i386" }, "product_reference": "acroread-0:9.4.2-1.el4.i386", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "acroread-plugin-0:9.4.2-1.el4.i386 as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386" }, "product_reference": "acroread-plugin-0:9.4.2-1.el4.i386", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "acroread-0:9.4.2-1.el4.i386 as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386" }, "product_reference": "acroread-0:9.4.2-1.el4.i386", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "acroread-plugin-0:9.4.2-1.el4.i386 as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386" }, "product_reference": "acroread-plugin-0:9.4.2-1.el4.i386", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "acroread-0:9.4.2-1.el4.i386 as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:acroread-0:9.4.2-1.el4.i386" }, "product_reference": "acroread-0:9.4.2-1.el4.i386", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "acroread-plugin-0:9.4.2-1.el4.i386 as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386" }, "product_reference": "acroread-plugin-0:9.4.2-1.el4.i386", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "acroread-0:9.4.2-1.el4.i386 as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:acroread-0:9.4.2-1.el4.i386" }, "product_reference": "acroread-0:9.4.2-1.el4.i386", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "acroread-plugin-0:9.4.2-1.el4.i386 as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386" }, "product_reference": "acroread-plugin-0:9.4.2-1.el4.i386", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "acroread-0:9.4.2-1.el5.i386 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386" }, "product_reference": "acroread-0:9.4.2-1.el5.i386", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "acroread-plugin-0:9.4.2-1.el5.i386 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386" }, "product_reference": "acroread-plugin-0:9.4.2-1.el5.i386", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "acroread-0:9.4.2-1.el5.i386 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386" }, "product_reference": "acroread-0:9.4.2-1.el5.i386", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "acroread-plugin-0:9.4.2-1.el5.i386 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386" }, "product_reference": "acroread-plugin-0:9.4.2-1.el5.i386", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "acroread-0:9.4.2-3.el6_0.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686" }, "product_reference": "acroread-0:9.4.2-3.el6_0.i686", "relates_to_product_reference": "6Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "acroread-plugin-0:9.4.2-3.el6_0.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" }, "product_reference": "acroread-plugin-0:9.4.2-3.el6_0.i686", "relates_to_product_reference": "6Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "acroread-0:9.4.2-3.el6_0.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686" }, "product_reference": "acroread-0:9.4.2-3.el6_0.i686", "relates_to_product_reference": "6Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "acroread-plugin-0:9.4.2-3.el6_0.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" }, "product_reference": "acroread-plugin-0:9.4.2-3.el6_0.i686", "relates_to_product_reference": "6Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "acroread-0:9.4.2-3.el6_0.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686" }, "product_reference": "acroread-0:9.4.2-3.el6_0.i686", "relates_to_product_reference": "6Workstation-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "acroread-plugin-0:9.4.2-3.el6_0.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" }, "product_reference": "acroread-plugin-0:9.4.2-3.el6_0.i686", "relates_to_product_reference": "6Workstation-Supplementary" } ] }, "vulnerabilities": [ { "cve": "CVE-2011-0562", "discovery_date": "2011-02-08T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "676157" } ], "notes": [ { "category": "description", "text": "Untrusted search path vulnerability in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows allows local users to gain privileges via a Trojan horse DLL in the current working directory, a different vulnerability than CVE-2011-0570 and CVE-2011-0588.", "title": "Vulnerability description" }, { "category": "summary", "text": "acroread: critical APSB11-03", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2011-0562" }, { "category": "external", "summary": "RHBZ#676157", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=676157" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2011-0562", "url": "https://www.cve.org/CVERecord?id=CVE-2011-0562" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-0562", "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-0562" } ], "release_date": "2011-02-08T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2011-02-23T21:16:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259", "product_ids": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2011:0301" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "acroread: critical APSB11-03" }, { "cve": "CVE-2011-0563", "discovery_date": "2011-02-08T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "676157" } ], "notes": [ { "category": "description", "text": "Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0589 and CVE-2011-0606.", "title": "Vulnerability description" }, { "category": "summary", "text": "acroread: critical APSB11-03", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2011-0563" }, { "category": "external", "summary": "RHBZ#676157", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=676157" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2011-0563", "url": "https://www.cve.org/CVERecord?id=CVE-2011-0563" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-0563", "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-0563" } ], "release_date": "2011-02-08T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2011-02-23T21:16:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259", "product_ids": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2011:0301" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "acroread: critical APSB11-03" }, { "cve": "CVE-2011-0565", "discovery_date": "2011-02-08T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "676157" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allows attackers to cause a denial of service or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0585.", "title": "Vulnerability description" }, { "category": "summary", "text": "acroread: critical APSB11-03", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2011-0565" }, { "category": "external", "summary": "RHBZ#676157", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=676157" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2011-0565", "url": "https://www.cve.org/CVERecord?id=CVE-2011-0565" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-0565", "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-0565" } ], "release_date": "2011-02-08T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2011-02-23T21:16:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259", "product_ids": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2011:0301" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "acroread: critical APSB11-03" }, { "cve": "CVE-2011-0566", "discovery_date": "2011-02-08T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "676157" } ], "notes": [ { "category": "description", "text": "Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted image, a different vulnerability than CVE-2011-0567 and CVE-2011-0603.", "title": "Vulnerability description" }, { "category": "summary", "text": "acroread: critical APSB11-03", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2011-0566" }, { "category": "external", "summary": "RHBZ#676157", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=676157" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2011-0566", "url": "https://www.cve.org/CVERecord?id=CVE-2011-0566" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-0566", "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-0566" } ], "release_date": "2011-02-08T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2011-02-23T21:16:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259", "product_ids": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2011:0301" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "acroread: critical APSB11-03" }, { "cve": "CVE-2011-0567", "discovery_date": "2011-02-08T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "676157" } ], "notes": [ { "category": "description", "text": "AcroRd32.dll in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted image that triggers an incorrect pointer calculation, leading to heap memory corruption, a different vulnerability than CVE-2011-0566 and CVE-2011-0603.", "title": "Vulnerability description" }, { "category": "summary", "text": "acroread: critical APSB11-03", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2011-0567" }, { "category": "external", "summary": "RHBZ#676157", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=676157" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2011-0567", "url": "https://www.cve.org/CVERecord?id=CVE-2011-0567" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-0567", "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-0567" } ], "release_date": "2011-02-08T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2011-02-23T21:16:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259", "product_ids": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2011:0301" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "acroread: critical APSB11-03" }, { "cve": "CVE-2011-0585", "discovery_date": "2011-02-08T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "676157" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allows attackers to cause a denial of service or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0565.", "title": "Vulnerability description" }, { "category": "summary", "text": "acroread: critical APSB11-03", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2011-0585" }, { "category": "external", "summary": "RHBZ#676157", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=676157" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2011-0585", "url": "https://www.cve.org/CVERecord?id=CVE-2011-0585" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-0585", "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-0585" } ], "release_date": "2011-02-08T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2011-02-23T21:16:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259", "product_ids": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2011:0301" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "acroread: critical APSB11-03" }, { "cve": "CVE-2011-0586", "discovery_date": "2011-02-08T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "676157" } ], "notes": [ { "category": "description", "text": "Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X do not properly validate unspecified input data, which allows attackers to execute arbitrary code via unknown vectors.", "title": "Vulnerability description" }, { "category": "summary", "text": "acroread: critical APSB11-03", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2011-0586" }, { "category": "external", "summary": "RHBZ#676157", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=676157" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2011-0586", "url": "https://www.cve.org/CVERecord?id=CVE-2011-0586" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-0586", "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-0586" } ], "release_date": "2011-02-08T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2011-02-23T21:16:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259", "product_ids": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2011:0301" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "acroread: critical APSB11-03" }, { "cve": "CVE-2011-0587", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2011-02-08T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "676158" } ], "notes": [ { "category": "description", "text": "Cross-site scripting (XSS) vulnerability in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2011-0604.", "title": "Vulnerability description" }, { "category": "summary", "text": "acroread: multiple XSS flaws (APSB11-03)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2011-0587" }, { "category": "external", "summary": "RHBZ#676158", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=676158" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2011-0587", "url": "https://www.cve.org/CVERecord?id=CVE-2011-0587" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-0587", "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-0587" } ], "release_date": "2011-02-08T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2011-02-23T21:16:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259", "product_ids": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2011:0301" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "acroread: multiple XSS flaws (APSB11-03)" }, { "cve": "CVE-2011-0589", "discovery_date": "2011-02-08T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "676157" } ], "notes": [ { "category": "description", "text": "Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0563 and CVE-2011-0606.", "title": "Vulnerability description" }, { "category": "summary", "text": "acroread: critical APSB11-03", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2011-0589" }, { "category": "external", "summary": "RHBZ#676157", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=676157" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2011-0589", "url": "https://www.cve.org/CVERecord?id=CVE-2011-0589" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-0589", "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-0589" } ], "release_date": "2011-02-08T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2011-02-23T21:16:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259", "product_ids": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2011:0301" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "acroread: critical APSB11-03" }, { "cve": "CVE-2011-0590", "discovery_date": "2011-02-08T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "676157" } ], "notes": [ { "category": "description", "text": "Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via a 3D file, a different vulnerability than CVE-2011-0591, CVE-2011-0592, CVE-2011-0593, CVE-2011-0595, and CVE-2011-0600.", "title": "Vulnerability description" }, { "category": "summary", "text": "acroread: critical APSB11-03", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2011-0590" }, { "category": "external", "summary": "RHBZ#676157", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=676157" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2011-0590", "url": "https://www.cve.org/CVERecord?id=CVE-2011-0590" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-0590", "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-0590" } ], "release_date": "2011-02-08T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2011-02-23T21:16:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259", "product_ids": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2011:0301" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "acroread: critical APSB11-03" }, { "cve": "CVE-2011-0591", "discovery_date": "2011-02-08T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "676157" } ], "notes": [ { "category": "description", "text": "Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via a crafted Universal 3D (U3D) file that triggers a buffer overflow during decompression, related to Texture and rgba, a different vulnerability than CVE-2011-0590, CVE-2011-0592, CVE-2011-0593, CVE-2011-0595, and CVE-2011-0600.", "title": "Vulnerability description" }, { "category": "summary", "text": "acroread: critical APSB11-03", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2011-0591" }, { "category": "external", "summary": "RHBZ#676157", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=676157" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2011-0591", "url": "https://www.cve.org/CVERecord?id=CVE-2011-0591" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-0591", "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-0591" } ], "release_date": "2011-02-08T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2011-02-23T21:16:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259", "product_ids": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2011:0301" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "acroread: critical APSB11-03" }, { "cve": "CVE-2011-0592", "discovery_date": "2011-02-08T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "676157" } ], "notes": [ { "category": "description", "text": "Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via a crafted Universal 3D (U3D) file that triggers a buffer overflow during decompression, related to \"Texture bmp,\" a different vulnerability than CVE-2011-0590, CVE-2011-0591, CVE-2011-0593, CVE-2011-0595, and CVE-2011-0600.", "title": "Vulnerability description" }, { "category": "summary", "text": "acroread: critical APSB11-03", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2011-0592" }, { "category": "external", "summary": "RHBZ#676157", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=676157" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2011-0592", "url": "https://www.cve.org/CVERecord?id=CVE-2011-0592" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-0592", "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-0592" } ], "release_date": "2011-02-08T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2011-02-23T21:16:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259", "product_ids": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2011:0301" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "acroread: critical APSB11-03" }, { "cve": "CVE-2011-0593", "discovery_date": "2011-02-08T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "676157" } ], "notes": [ { "category": "description", "text": "Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via a crafted Universal 3D (U3D) file that triggers a buffer overflow during decompression, a different vulnerability than CVE-2011-0590, CVE-2011-0591, CVE-2011-0592, CVE-2011-0595, and CVE-2011-0600.", "title": "Vulnerability description" }, { "category": "summary", "text": "acroread: critical APSB11-03", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2011-0593" }, { "category": "external", "summary": "RHBZ#676157", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=676157" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2011-0593", "url": "https://www.cve.org/CVERecord?id=CVE-2011-0593" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-0593", "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-0593" } ], "release_date": "2011-02-08T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2011-02-23T21:16:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259", "product_ids": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2011:0301" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "acroread: critical APSB11-03" }, { "cve": "CVE-2011-0594", "discovery_date": "2011-02-08T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "676157" } ], "notes": [ { "category": "description", "text": "Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via a font.", "title": "Vulnerability description" }, { "category": "summary", "text": "acroread: critical APSB11-03", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2011-0594" }, { "category": "external", "summary": "RHBZ#676157", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=676157" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2011-0594", "url": "https://www.cve.org/CVERecord?id=CVE-2011-0594" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-0594", "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-0594" } ], "release_date": "2011-02-08T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2011-02-23T21:16:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259", "product_ids": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2011:0301" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "acroread: critical APSB11-03" }, { "cve": "CVE-2011-0595", "discovery_date": "2011-02-08T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "676157" } ], "notes": [ { "category": "description", "text": "Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via a crafted Universal 3D (U3D) file that triggers a buffer overflow during decompression, a different vulnerability than CVE-2011-0590, CVE-2011-0591, CVE-2011-0592, CVE-2011-0593, and CVE-2011-0600.", "title": "Vulnerability description" }, { "category": "summary", "text": "acroread: critical APSB11-03", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2011-0595" }, { "category": "external", "summary": "RHBZ#676157", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=676157" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2011-0595", "url": "https://www.cve.org/CVERecord?id=CVE-2011-0595" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-0595", "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-0595" } ], "release_date": "2011-02-08T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2011-02-23T21:16:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259", "product_ids": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2011:0301" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "acroread: critical APSB11-03" }, { "cve": "CVE-2011-0596", "discovery_date": "2011-02-08T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "676157" } ], "notes": [ { "category": "description", "text": "The Bitmap parsing component in 2d.dll in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via an image with crafted (1) height and (2) width values for an RLE_8 compressed bitmap, which triggers a heap-based buffer overflow, a different vulnerability than CVE-2011-0598, CVE-2011-0599, and CVE-2011-0602.", "title": "Vulnerability description" }, { "category": "summary", "text": "acroread: critical APSB11-03", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2011-0596" }, { "category": "external", "summary": "RHBZ#676157", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=676157" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2011-0596", "url": "https://www.cve.org/CVERecord?id=CVE-2011-0596" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-0596", "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-0596" } ], "release_date": "2011-02-08T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2011-02-23T21:16:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259", "product_ids": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2011:0301" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "acroread: critical APSB11-03" }, { "cve": "CVE-2011-0598", "discovery_date": "2011-02-08T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "676157" } ], "notes": [ { "category": "description", "text": "Integer overflow in ACE.dll in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allows remote attackers to execute arbitrary code via crafted ICC data, a different vulnerability than CVE-2011-0596, CVE-2011-0599, and CVE-2011-0602.", "title": "Vulnerability description" }, { "category": "summary", "text": "acroread: critical APSB11-03", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2011-0598" }, { "category": "external", "summary": "RHBZ#676157", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=676157" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2011-0598", "url": "https://www.cve.org/CVERecord?id=CVE-2011-0598" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-0598", "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-0598" } ], "release_date": "2011-02-08T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2011-02-23T21:16:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259", "product_ids": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2011:0301" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "acroread: critical APSB11-03" }, { "cve": "CVE-2011-0599", "discovery_date": "2011-02-08T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "676157" } ], "notes": [ { "category": "description", "text": "The Bitmap parsing component in rt3d.dll in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via a crafted image that causes an invalid pointer calculation related to 4/8-bit RLE compression, a different vulnerability than CVE-2011-0596, CVE-2011-0598, and CVE-2011-0602.", "title": "Vulnerability description" }, { "category": "summary", "text": "acroread: critical APSB11-03", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2011-0599" }, { "category": "external", "summary": "RHBZ#676157", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=676157" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2011-0599", "url": "https://www.cve.org/CVERecord?id=CVE-2011-0599" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-0599", "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-0599" } ], "release_date": "2011-02-08T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2011-02-23T21:16:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259", "product_ids": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2011:0301" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "acroread: critical APSB11-03" }, { "cve": "CVE-2011-0600", "discovery_date": "2011-02-08T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "676157" } ], "notes": [ { "category": "description", "text": "The U3D component in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via a 3D file with an invalid Parent Node count that triggers an incorrect size calculation and memory corruption, a different vulnerability than CVE-2011-0590, CVE-2011-0591, CVE-2011-0592, CVE-2011-0593, and CVE-2011-0595.", "title": "Vulnerability description" }, { "category": "summary", "text": "acroread: critical APSB11-03", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2011-0600" }, { "category": "external", "summary": "RHBZ#676157", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=676157" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2011-0600", "url": "https://www.cve.org/CVERecord?id=CVE-2011-0600" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-0600", "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-0600" } ], "release_date": "2011-02-08T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2011-02-23T21:16:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259", "product_ids": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2011:0301" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "acroread: critical APSB11-03" }, { "cve": "CVE-2011-0602", "discovery_date": "2011-02-08T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "676157" } ], "notes": [ { "category": "description", "text": "Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via crafted JP2K record types in a JPEG2000 image in a PDF file, which causes heap corruption, a different vulnerability than CVE-2011-0596, CVE-2011-0598, and CVE-2011-0599.", "title": "Vulnerability description" }, { "category": "summary", "text": "acroread: critical APSB11-03", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2011-0602" }, { "category": "external", "summary": "RHBZ#676157", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=676157" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2011-0602", "url": "https://www.cve.org/CVERecord?id=CVE-2011-0602" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-0602", "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-0602" } ], "release_date": "2011-02-08T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2011-02-23T21:16:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259", "product_ids": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2011:0301" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "acroread: critical APSB11-03" }, { "cve": "CVE-2011-0603", "discovery_date": "2011-02-08T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "676157" } ], "notes": [ { "category": "description", "text": "Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted image, a different vulnerability than CVE-2011-0566 and CVE-2011-0567.", "title": "Vulnerability description" }, { "category": "summary", "text": "acroread: critical APSB11-03", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2011-0603" }, { "category": "external", "summary": "RHBZ#676157", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=676157" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2011-0603", "url": "https://www.cve.org/CVERecord?id=CVE-2011-0603" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-0603", "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-0603" } ], "release_date": "2011-02-08T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2011-02-23T21:16:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259", "product_ids": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2011:0301" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "acroread: critical APSB11-03" }, { "cve": "CVE-2011-0604", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2011-02-08T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "676158" } ], "notes": [ { "category": "description", "text": "Cross-site scripting (XSS) vulnerability in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2011-0587.", "title": "Vulnerability description" }, { "category": "summary", "text": "acroread: multiple XSS flaws (APSB11-03)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2011-0604" }, { "category": "external", "summary": "RHBZ#676158", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=676158" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2011-0604", "url": "https://www.cve.org/CVERecord?id=CVE-2011-0604" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-0604", "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-0604" } ], "release_date": "2011-02-08T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2011-02-23T21:16:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259", "product_ids": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2011:0301" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "acroread: multiple XSS flaws (APSB11-03)" }, { "cve": "CVE-2011-0606", "discovery_date": "2011-02-08T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "676157" } ], "notes": [ { "category": "description", "text": "Stack-based buffer overflow in rt3d.dll in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors related to a crafted length value, a different vulnerability than CVE-2011-0563 and CVE-2011-0589.", "title": "Vulnerability description" }, { "category": "summary", "text": "acroread: critical APSB11-03", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2011-0606" }, { "category": "external", "summary": "RHBZ#676157", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=676157" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2011-0606", "url": "https://www.cve.org/CVERecord?id=CVE-2011-0606" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-0606", "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-0606" } ], "release_date": "2011-02-08T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2011-02-23T21:16:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259", "product_ids": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2011:0301" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "4AS-LACD:acroread-0:9.4.2-1.el4.i386", "4AS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-0:9.4.2-1.el4.i386", "4Desktop-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-0:9.4.2-1.el4.i386", "4ES-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-0:9.4.2-1.el4.i386", "4WS-LACD:acroread-plugin-0:9.4.2-1.el4.i386", "5Client-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Client-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-0:9.4.2-1.el5.i386", "5Server-Supplementary:acroread-plugin-0:9.4.2-1.el5.i386", "6Client-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Client-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Server-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-0:9.4.2-3.el6_0.i686", "6Workstation-Supplementary:acroread-plugin-0:9.4.2-3.el6_0.i686" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "acroread: critical APSB11-03" } ] }
ghsa-cj48-gr7g-jvm7
Vulnerability from github
Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via a crafted Universal 3D (U3D) file that triggers a buffer overflow during decompression, a different vulnerability than CVE-2011-0590, CVE-2011-0591, CVE-2011-0592, CVE-2011-0593, and CVE-2011-0600.
{ "affected": [], "aliases": [ "CVE-2011-0595" ], "database_specific": { "cwe_ids": [ "CWE-20" ], "github_reviewed": false, "github_reviewed_at": null, "nvd_published_at": "2011-02-10T18:00:00Z", "severity": "HIGH" }, "details": "Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via a crafted Universal 3D (U3D) file that triggers a buffer overflow during decompression, a different vulnerability than CVE-2011-0590, CVE-2011-0591, CVE-2011-0592, CVE-2011-0593, and CVE-2011-0600.", "id": "GHSA-cj48-gr7g-jvm7", "modified": "2022-05-14T02:18:22Z", "published": "2022-05-14T02:18:21Z", "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-0595" }, { "type": "WEB", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12500" }, { "type": "WEB", "url": "http://secunia.com/advisories/43470" }, { "type": "WEB", "url": "http://www.adobe.com/support/security/bulletins/apsb11-03.html" }, { "type": "WEB", "url": "http://www.redhat.com/support/errata/RHSA-2011-0301.html" }, { "type": "WEB", "url": "http://www.securityfocus.com/archive/1/516312" }, { "type": "WEB", "url": "http://www.securityfocus.com/bid/46212" }, { "type": "WEB", "url": "http://www.securitytracker.com/id?1025033" }, { "type": "WEB", "url": "http://www.vupen.com/english/advisories/2011/0337" }, { "type": "WEB", "url": "http://www.vupen.com/english/advisories/2011/0492" }, { "type": "WEB", "url": "http://www.zerodayinitiative.com/advisories/ZDI-11-070" } ], "schema_version": "1.4.0", "severity": [] }
var-201102-0067
Vulnerability from variot
Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via a crafted Universal 3D (U3D) file that triggers a buffer overflow during decompression, a different vulnerability than CVE-2011-0590, CVE-2011-0591, CVE-2011-0592, CVE-2011-0593, and CVE-2011-0600. Adobe Reader and Acrobat Contains a vulnerability that allows arbitrary code execution. This vulnerability CVE-2011-0590 , CVE-2011-0591 , CVE-2011-0592 , CVE-2011-0593 and CVE-2011-0600 Is a different vulnerability.By a third party 3D An arbitrary code may be executed via the file. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the application's implementation of an image format supported by the Universal 3D compressed file format. When decoding the image data provided by the file, the application will use one size for allocating space for the destination buffer and then trust the data when decompressing into that buffer. Due to the decompression being unbounded by the actual buffer size, a buffer overflow can be made to occur leading to code execution under the context of the application.
For more information: SA43207
SOLUTION: Updated packages are available via Red Hat Network.
-- Vendor Response: Adobe has issued an update to correct this vulnerability. More details can be found at:
http://www.adobe.com/support/security/bulletins/apsb11-03.html
-- Disclosure Timeline: 2010-10-18 - Vulnerability reported to vendor 2011-02-08 - Coordinated public release of advisory
-- Credit: This vulnerability was discovered by: * Peter Vreugdenhil ( http://vreugdenhilresearch.nl )
-- About the Zero Day Initiative (ZDI): Established by TippingPoint, The Zero Day Initiative (ZDI) represents a best-of-breed model for rewarding security researchers for responsibly disclosing discovered vulnerabilities.
Researchers interested in getting paid for their security research through the ZDI can find more information and sign-up at:
http://www.zerodayinitiative.com
The ZDI is unique in how the acquired vulnerability information is used. TippingPoint does not re-sell the vulnerability details or any exploit code. Instead, upon notifying the affected product vendor, TippingPoint provides its customers with zero day protection through its intrusion prevention technology. Explicit details regarding the specifics of the vulnerability are not exposed to any parties until an official vendor patch is publicly available. Furthermore, with the altruistic aim of helping to secure a broader user base, TippingPoint provides this vulnerability information confidentially to security vendors (including competitors) who have a vulnerability protection or mitigation product.
Our vulnerability disclosure policy is available online at:
http://www.zerodayinitiative.com/advisories/disclosure_policy/
Follow the ZDI on Twitter:
http://twitter.com/thezdi
Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . ----------------------------------------------------------------------
Get a tax break on purchases of Secunia Solutions!
If you are a U.S. company, you may be qualified for a tax break for your software purchases. Learn more at: http://secunia.com/products/corporate/vim/section_179/
TITLE: Adobe Reader / Acrobat Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA43207
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43207/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43207
RELEASE DATE: 2011-02-09
DISCUSS ADVISORY: http://secunia.com/advisories/43207/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/43207/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=43207
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Multiple vulnerabilities have been reported in Adobe Reader / Acrobat, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to conduct cross-site scripting attacks and compromise a user's system.
2) An unspecified error can be exploited to corrupt memory.
3) An unspecified error related to file permissions in Windows-based versions can be exploited to gain escalated privileges.
4) An unspecified error may allow code execution.
5) An unspecified error when parsing images can be exploited to corrupt memory.
6) An error in AcroRd32.dll when parsing certain images can be exploited to corrupt memory.
7) An unspecified error in the Macintosh-based versions may allow code execution.
9) An unspecified error may allow code execution.
10) A input validation error may allow code execution.
11) An input validation error can be exploited to conduct cross-site scripting attacks.
13) An unspecified error can be exploited to corrupt memory.
18) An input validation error when parsing fonts may allow code execution.
20) An error in 2d.dll when parsing height and width values of RLE_8 compressed BMP files can be exploited to cause a heap-based buffer overflow.
21) An integer overflow in ACE.dll when parsing certain ICC data can be exploited to cause a buffer overflow.
22) A boundary error in rt3d.dll when parsing bits per pixel and number of colors if 4/8-bit RLE compressed BMP files can be exploited to cause a heap-based buffer overflow.
23) An error in the U3D implementation when handling the Parent Node count can be exploited to cause a buffer overflow.
24) A boundary error when processing JPEG files embedded in a PDF file can be exploited to corrupt heap memory.
25) An unspecified error when parsing images may allow code execution.
26) An input validation error can be exploited to conduct cross-site scripting attacks.
27) An unspecified error in the Macintosh-based versions may allow code execution.
28) A boundary error in rt3d.dll when parsing certain files can be exploited to cause a stack-based buffer overflow.
29) An integer overflow in the U3D implementation when parsing a ILBM texture file can be exploited to cause a buffer overflow.
30) Some vulnerabilities are caused due to vulnerabilities in the bundled version of Adobe Flash Player.
For more information: SA43267
The vulnerabilities are reported in versions 8.2.5 and prior, 9.4.1 and prior, and 10.0 and prior.
SOLUTION: Update to version 8.2.6, 9.4.2, or 10.0.1.
Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
PROVIDED AND/OR DISCOVERED BY: 2) Bing Liu, Fortinet's FortiGuard Labs. 6) Abdullah Ada via ZDI. 8) Haifei Li, Fortinet's FortiGuard Labs. 14 - 17, 19, 20, 22, 29) Peter Vreugdenhil via ZDI. 21) Sebastian Apelt via ZDI. 23) el via ZDI. 14) Sean Larsson, iDefense Labs. 28) An anonymous person via ZDI.
The vendor also credits: 1) Mitja Kolsek, ACROS Security. 3) Matthew Pun. 4, 5, 18) Tavis Ormandy, Google Security Team. 7) James Quirk. 9) Brett Gervasoni, Sense of Security. 10) Joe Schatz. 11, 26) Billy Rios, Google Security Team. 12) Greg MacManus, iSIGHT Partners Labs and Parvez Anwar. 13) CESG. 25) Will Dormann, CERT. 27) Marc Schoenefeld, Red Hat Security Response Team.
ORIGINAL ADVISORY: Adobe (APSB11-03) http://www.adobe.com/support/security/bulletins/apsb11-03.html http://www.adobe.com/support/security/bulletins/apsb11-02.html
ZDI: http://www.zerodayinitiative.com/advisories/ZDI-11-065/ http://www.zerodayinitiative.com/advisories/ZDI-11-066/ http://www.zerodayinitiative.com/advisories/ZDI-11-067/ http://www.zerodayinitiative.com/advisories/ZDI-11-068/ http://www.zerodayinitiative.com/advisories/ZDI-11-069/ http://www.zerodayinitiative.com/advisories/ZDI-11-070/ http://www.zerodayinitiative.com/advisories/ZDI-11-071/ http://www.zerodayinitiative.com/advisories/ZDI-11-072/ http://www.zerodayinitiative.com/advisories/ZDI-11-073/ http://www.zerodayinitiative.com/advisories/ZDI-11-074/ http://www.zerodayinitiative.com/advisories/ZDI-11-075/ http://www.zerodayinitiative.com/advisories/ZDI-11-077/
FortiGuard Labs: http://www.fortiguard.com/advisory/FGA-2011-06.html
iDefense: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=891
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. Please review the CVE identifiers referenced below for details.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Reader users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=app-text/acroread-9.4.7"
References
[ 1 ] CVE-2010-4091 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4091 [ 2 ] CVE-2011-0562 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0562 [ 3 ] CVE-2011-0563 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0563 [ 4 ] CVE-2011-0565 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0565 [ 5 ] CVE-2011-0566 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0566 [ 6 ] CVE-2011-0567 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0567 [ 7 ] CVE-2011-0570 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0570 [ 8 ] CVE-2011-0585 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0585 [ 9 ] CVE-2011-0586 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0586 [ 10 ] CVE-2011-0587 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0587 [ 11 ] CVE-2011-0588 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0588 [ 12 ] CVE-2011-0589 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0589 [ 13 ] CVE-2011-0590 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0590 [ 14 ] CVE-2011-0591 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0591 [ 15 ] CVE-2011-0592 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0592 [ 16 ] CVE-2011-0593 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0593 [ 17 ] CVE-2011-0594 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0594 [ 18 ] CVE-2011-0595 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0595 [ 19 ] CVE-2011-0596 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0596 [ 20 ] CVE-2011-0598 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0598 [ 21 ] CVE-2011-0599 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0599 [ 22 ] CVE-2011-0600 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0600 [ 23 ] CVE-2011-0602 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0602 [ 24 ] CVE-2011-0603 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0603 [ 25 ] CVE-2011-0604 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0604 [ 26 ] CVE-2011-0605 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0605 [ 27 ] CVE-2011-0606 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0606 [ 28 ] CVE-2011-2130 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2130 [ 29 ] CVE-2011-2134 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2134 [ 30 ] CVE-2011-2135 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2135 [ 31 ] CVE-2011-2136 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2136 [ 32 ] CVE-2011-2137 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2137 [ 33 ] CVE-2011-2138 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2138 [ 34 ] CVE-2011-2139 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2139 [ 35 ] CVE-2011-2140 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2140 [ 36 ] CVE-2011-2414 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2414 [ 37 ] CVE-2011-2415 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2415 [ 38 ] CVE-2011-2416 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2416 [ 39 ] CVE-2011-2417 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2417 [ 40 ] CVE-2011-2424 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2424 [ 41 ] CVE-2011-2425 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2425 [ 42 ] CVE-2011-2431 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2431 [ 43 ] CVE-2011-2432 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2432 [ 44 ] CVE-2011-2433 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2433 [ 45 ] CVE-2011-2434 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2434 [ 46 ] CVE-2011-2435 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2435 [ 47 ] CVE-2011-2436 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2436 [ 48 ] CVE-2011-2437 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2437 [ 49 ] CVE-2011-2438 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2438 [ 50 ] CVE-2011-2439 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2439 [ 51 ] CVE-2011-2440 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2440 [ 52 ] CVE-2011-2441 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2441 [ 53 ] CVE-2011-2442 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2442 [ 54 ] CVE-2011-2462 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2462 [ 55 ] CVE-2011-4369 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4369
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201201-19.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2012 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201102-0067", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "acrobat", "scope": "eq", "trust": 1.9, "vendor": "adobe", "version": "8.2.3" }, { "model": "acrobat", "scope": "eq", "trust": 1.9, "vendor": "adobe", "version": "8.2.4" }, { "model": "acrobat", "scope": "eq", "trust": 1.9, "vendor": "adobe", "version": "8.2.2" }, { "model": "acrobat", "scope": "eq", "trust": 1.6, "vendor": "adobe", "version": "8.2" }, { "model": "acrobat", "scope": "eq", "trust": 1.6, "vendor": "adobe", "version": "8.1.3" }, { "model": "acrobat", "scope": "eq", "trust": 1.6, "vendor": "adobe", "version": "8.1.7" }, { "model": "acrobat", "scope": "eq", "trust": 1.6, "vendor": "adobe", "version": "8.1.6" }, { "model": "acrobat", "scope": "eq", "trust": 1.6, "vendor": "adobe", "version": "8.2.1" }, { "model": "acrobat", "scope": "eq", "trust": 1.6, "vendor": "adobe", "version": "8.1.4" }, { "model": "acrobat", "scope": "eq", "trust": 1.6, "vendor": "adobe", "version": "8.1.5" }, { "model": "acrobat", "scope": "eq", "trust": 1.3, "vendor": "adobe", "version": "10.0" }, { "model": "acrobat", "scope": "eq", "trust": 1.3, "vendor": "adobe", "version": "9.3.1" }, { "model": "acrobat", "scope": "eq", "trust": 1.3, "vendor": "adobe", "version": "9.3" }, { "model": "acrobat", "scope": "eq", "trust": 1.3, "vendor": "adobe", "version": "9.4" }, { "model": "acrobat", "scope": "eq", "trust": 1.3, "vendor": "adobe", "version": "9.1.1" }, { "model": "acrobat", "scope": "eq", "trust": 1.3, "vendor": "adobe", "version": "9.4.1" }, { "model": "acrobat", "scope": "eq", "trust": 1.3, "vendor": "adobe", "version": "9.2" }, { "model": "acrobat", "scope": "eq", "trust": 1.3, "vendor": "adobe", "version": "9.3.3" }, { "model": "acrobat", "scope": "eq", "trust": 1.3, "vendor": "adobe", "version": "9.3.2" }, { "model": "acrobat reader", "scope": "eq", "trust": 1.0, "vendor": "adobe", "version": "10.0" }, { "model": "acrobat reader", "scope": "eq", "trust": 1.0, "vendor": "adobe", "version": "9.3.3" }, { "model": "acrobat reader", "scope": "eq", "trust": 1.0, "vendor": "adobe", "version": "9.4" }, { "model": "acrobat reader", "scope": "eq", "trust": 1.0, "vendor": "adobe", "version": "8.2" }, { "model": "acrobat reader", "scope": "eq", "trust": 1.0, "vendor": "adobe", "version": "9.3.1" }, { "model": "acrobat", "scope": "eq", "trust": 1.0, "vendor": "adobe", "version": "8.1.2" }, { "model": "acrobat reader", "scope": "eq", "trust": 1.0, "vendor": "adobe", "version": "8.1.2" }, { "model": "acrobat reader", "scope": "eq", "trust": 1.0, "vendor": "adobe", "version": "8.2.4" }, { "model": "acrobat reader", "scope": "eq", "trust": 1.0, "vendor": "adobe", "version": "8.2.3" }, { "model": "acrobat reader", "scope": "eq", "trust": 1.0, "vendor": "adobe", "version": "9.2" }, { "model": "acrobat reader", "scope": "eq", "trust": 1.0, "vendor": "adobe", "version": "8.1.7" }, { "model": "acrobat", "scope": "eq", "trust": 1.0, "vendor": "adobe", "version": "9.1.3" }, { "model": "acrobat", "scope": "eq", "trust": 1.0, "vendor": "adobe", "version": "9.3.4" }, { "model": "acrobat reader", "scope": "eq", "trust": 1.0, "vendor": "adobe", "version": "9.1.1" }, { "model": "acrobat reader", "scope": "eq", "trust": 1.0, "vendor": "adobe", "version": "9.1.3" }, { "model": "acrobat", "scope": "eq", "trust": 1.0, "vendor": "adobe", "version": "9.1.2" }, { "model": "acrobat reader", "scope": "eq", "trust": 1.0, "vendor": "adobe", "version": "9.3.4" }, { "model": "acrobat reader", "scope": "eq", "trust": 1.0, "vendor": "adobe", "version": "8.1.6" }, { "model": "acrobat reader", "scope": "eq", "trust": 1.0, "vendor": "adobe", "version": "9.1.2" }, { "model": "acrobat reader", "scope": "eq", "trust": 1.0, "vendor": "adobe", "version": "8.2.2" }, { "model": "acrobat", "scope": "eq", "trust": 1.0, "vendor": "adobe", "version": "8.1" }, { "model": "acrobat", "scope": "eq", "trust": 1.0, "vendor": "adobe", "version": "9.0" }, { "model": "acrobat reader", "scope": "eq", "trust": 1.0, "vendor": "adobe", "version": "8.2.1" }, { "model": "acrobat reader", "scope": "eq", "trust": 1.0, "vendor": "adobe", "version": "9.0" }, { "model": "acrobat", "scope": "eq", "trust": 1.0, "vendor": "adobe", "version": "8.0" }, { "model": "acrobat reader", "scope": "eq", "trust": 1.0, "vendor": "adobe", "version": "8.1" }, { "model": "acrobat reader", "scope": "eq", "trust": 1.0, "vendor": "adobe", "version": "8.0" }, { "model": "acrobat reader", "scope": "eq", "trust": 1.0, "vendor": "adobe", "version": "9.4.1" }, { "model": "acrobat reader", "scope": "eq", "trust": 1.0, "vendor": "adobe", "version": "8.1.4" }, { "model": "acrobat reader", "scope": "eq", "trust": 1.0, "vendor": "adobe", "version": "9.3.2" }, { "model": "acrobat", "scope": "eq", "trust": 1.0, "vendor": "adobe", "version": "9.1" }, { "model": "acrobat reader", "scope": "eq", "trust": 1.0, "vendor": "adobe", "version": "9.1" }, { "model": "acrobat reader", "scope": "eq", "trust": 1.0, "vendor": "adobe", "version": "9.3" }, { "model": "acrobat reader", "scope": "eq", "trust": 1.0, "vendor": "adobe", "version": "8.1.5" }, { "model": "acrobat", "scope": "eq", "trust": 1.0, "vendor": "adobe", "version": "8.1.1" }, { "model": "acrobat reader", "scope": "eq", "trust": 1.0, "vendor": "adobe", "version": "8.1.1" }, { "model": "acrobat", "scope": "lte", "trust": 0.8, "vendor": "adobe", "version": "x (10.0)" }, { "model": "reader", "scope": "lte", "trust": 0.8, "vendor": "adobe", "version": "9.4.1" }, { "model": "reader", "scope": "eq", "trust": 0.8, "vendor": "adobe", "version": "x (10.0)" }, { "model": "enterprise linux extras", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "4 extras" }, { "model": "enterprise linux extras", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "4.8.z extras" }, { "model": "enterprise linux server supplementary", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "6" }, { "model": "enterprise linux workstation supplementary", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "6" }, { "model": "rhel desktop supplementary", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "5 (client)" }, { "model": "rhel desktop supplementary", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "6" }, { "model": "rhel supplementary", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "5 (server)" }, { "model": "reader", "scope": null, "trust": 0.7, "vendor": "adobe", "version": null }, { "model": "acrobat professional", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "8.1.3" }, { "model": "acrobat standard", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "8.0" }, { "model": "acrobat professional", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "8.2.5" }, { "model": "acrobat standard", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.1.2" }, { "model": "acrobat professional", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "8.2.2" }, { "model": "reader", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.2" }, { "model": "reader", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.3.3" }, { "model": "acrobat professional", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.3.1" }, { "model": "acrobat professional", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.3" }, { "model": "acrobat", "scope": "ne", "trust": 0.3, "vendor": "adobe", "version": "9.4.2" }, { "model": "acrobat standard", "scope": "ne", "trust": 0.3, "vendor": "adobe", "version": "9.4.2" }, { "model": "acrobat professional", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.1.3" }, { "model": "reader", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.4.1" }, { "model": "reader", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.3.4" }, { "model": "acrobat professional", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "8.1.6" }, { "model": "acrobat standard", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.3.3" }, { "model": "reader", "scope": "ne", "trust": 0.3, "vendor": "adobe", "version": "10.0.1" }, { "model": "acrobat professional", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.4" }, { "model": "acrobat professional", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "8.1.4" }, { "model": "acrobat standard", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "8.2.4" }, { "model": "acrobat standard", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "8.2" }, { "model": "acrobat professional", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "8.1" }, { "model": "reader", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "8.0" }, { "model": "desktop extras", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "4" }, { "model": "acrobat standard", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.3.2" }, { "model": "acrobat standard", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "8.1.2" }, { "model": "reader", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.1.2" }, { "model": "acrobat professional", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.1" }, { "model": "acrobat standard", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "8.1.3" }, { "model": "reader", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "8.1.5" }, { "model": "acrobat professional", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9" }, { "model": "acrobat", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "8.2.5" }, { "model": "acrobat standard", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "8.2.5" }, { "model": "acrobat professional", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "8.2.1" }, { "model": "acrobat standard", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "8.2.2" }, { "model": "acrobat professional", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "8.1.7" }, { "model": "reader", "scope": "ne", "trust": 0.3, "vendor": "adobe", "version": "9.4.2" }, { "model": "hat enterprise linux supplementary server", "scope": "eq", "trust": 0.3, "vendor": "red", "version": "5" }, { "model": "enterprise linux extras", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "4" }, { "model": "linux enterprise desktop sp3", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "10" }, { "model": "reader", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "8.2.3" }, { "model": "acrobat professional extended", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9" }, { "model": "acrobat standard", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.0" }, { "model": "reader", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "8.2.4" }, { "model": "reader", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "8.2" }, { "model": "acrobat professional", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.4.1" }, { "model": "acrobat", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "8.1.8" }, { "model": "acrobat professional", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.3.4" }, { "model": "reader", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.3.2" }, { "model": "reader", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "8.1.2" }, { "model": "acrobat standard", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.4" }, { "model": "acrobat standard", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "8.1.4" }, { "model": "reader", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "8.1.3" }, { "model": "acrobat standard", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "8.1" }, { "model": "acrobat professional", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "8.1.1" }, { "model": "reader", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "8.2.5" }, { "model": "acrobat professional security updat", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "8.1.2" }, { "model": "reader", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "8.2.2" }, { "model": "acrobat standard", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.1" }, { "model": "enterprise linux es extras", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "4" }, { "model": "hat enterprise linux desktop supplementary", "scope": "eq", "trust": 0.3, "vendor": "red", "version": "6" }, { "model": "acrobat standard", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9" }, { "model": "reader security updat", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "8.1.2" }, { "model": "acrobat standard", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "8.2.1" }, { "model": "acrobat standard", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "8.1.7" }, { "model": "linux", "scope": null, "trust": 0.3, "vendor": "gentoo", "version": null }, { "model": "reader", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.0" }, { "model": "acrobat professional", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.2" }, { "model": "acrobat standard", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.3.1" }, { "model": "acrobat professional", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.3.3" }, { "model": "acrobat standard", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.3" }, { "model": "reader", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.4" }, { "model": "reader", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "8.1.4" }, { "model": "hat enterprise linux server supplementary", "scope": "eq", "trust": 0.3, "vendor": "red", "version": "6" }, { "model": "acrobat standard", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.1.3" }, { "model": "reader", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "8.1" }, { "model": "reader", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.1.1" }, { "model": "acrobat standard", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "8.1.6" }, { "model": "acrobat professional", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.3.2" }, { "model": "acrobat professional", "scope": "ne", "trust": 0.3, "vendor": "adobe", "version": "10.0.1" }, { "model": "reader", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.1" }, { "model": "acrobat standard", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "8.1.1" }, { "model": "reader", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9" }, { "model": "acrobat professional", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "8.0" }, { "model": "linux enterprise desktop sp1", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "11" }, { "model": "reader", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "8.2.1" }, { "model": "reader", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "8.1.7" }, { "model": "acrobat professional", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.1.2" }, { "model": "hat enterprise linux desktop supplementary client", "scope": "eq", "trust": 0.3, "vendor": "red", "version": "5" }, { "model": "reader", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.3.1" }, { "model": "reader", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.3" }, { "model": "acrobat professional", "scope": "ne", "trust": 0.3, "vendor": "adobe", "version": "9.4.2" }, { "model": "acrobat standard", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.2" }, { "model": "enterprise linux ws extras", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "4" }, { "model": "reader", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.1.3" }, { "model": "acrobat professional", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.0" }, { "model": "reader", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "8.1.6" }, { "model": "opensuse", "scope": "eq", "trust": 0.3, "vendor": "s u s e", "version": "11.2" }, { "model": "enterprise linux as extras", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "4" }, { "model": "reader", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "8.1.1" }, { "model": "acrobat professional", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "8.2.4" }, { "model": "acrobat professional", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "8.2" }, { "model": "acrobat standard", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.4.1" }, { "model": "acrobat standard", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.3.4" }, { "model": "acrobat professional", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "8.1.2" }, { "model": "hat enterprise linux workstation supplementary", "scope": "eq", "trust": 0.3, "vendor": "red", "version": "6" }, { "model": "acrobat", "scope": "ne", "trust": 0.3, "vendor": "adobe", "version": "10.0.1" }, { "model": "opensuse", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "11.3" }, { "model": "acrobat standard", "scope": "ne", "trust": 0.3, "vendor": "adobe", "version": "10.0.1" } ], "sources": [ { "db": "ZDI", "id": "ZDI-11-070" }, { "db": "BID", "id": "46212" }, { "db": "JVNDB", "id": "JVNDB-2011-001207" }, { "db": "NVD", "id": "CVE-2011-0595" }, { "db": "CNNVD", "id": "CNNVD-201102-140" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.3.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.3.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.1.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.1.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.2.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.1.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.1.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.4.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.1.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.1.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:10.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.3.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.3.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.1.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.1.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.2.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.2.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.1.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.2.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.1.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.1.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.3.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.1.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.1.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.1.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.1.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.4.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.1.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.3.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.3.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.1.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.1.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.2.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.2.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:10.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.3.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.1.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.2.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.2.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2011-0595" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Peter Vreugdenhil through TippingPoint\u0027s Zero Day Initiative", "sources": [ { "db": "BID", "id": "46212" }, { "db": "CNNVD", "id": "CNNVD-201102-140" } ], "trust": 0.9 }, "cve": "CVE-2011-0595", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "impactScore": 10.0, "integrityImpact": "COMPLETE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "trust": 1.0, "userInteractionRequired": true, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Medium", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Complete", "baseScore": 9.3, "confidentialityImpact": "Complete", "exploitabilityScore": null, "id": "CVE-2011-0595", "impactScore": null, "integrityImpact": "Complete", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "High", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "ZDI", "availabilityImpact": "PARTIAL", "baseScore": 9.7, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 10.0, "id": "CVE-2011-0595", "impactScore": 9.5, "integrityImpact": "COMPLETE", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "HIGH", "trust": 0.7, "userInteractionRequired": null, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:P", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "id": "VHN-48540", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.1, "vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "NVD", "id": "CVE-2011-0595", "trust": 1.8, "value": "HIGH" }, { "author": "ZDI", "id": "CVE-2011-0595", "trust": 0.7, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-201102-140", "trust": 0.6, "value": "CRITICAL" }, { "author": "VULHUB", "id": "VHN-48540", "trust": 0.1, "value": "HIGH" } ] } ], "sources": [ { "db": "ZDI", "id": "ZDI-11-070" }, { "db": "VULHUB", "id": "VHN-48540" }, { "db": "JVNDB", "id": "JVNDB-2011-001207" }, { "db": "NVD", "id": "CVE-2011-0595" }, { "db": "CNNVD", "id": "CNNVD-201102-140" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via a crafted Universal 3D (U3D) file that triggers a buffer overflow during decompression, a different vulnerability than CVE-2011-0590, CVE-2011-0591, CVE-2011-0592, CVE-2011-0593, and CVE-2011-0600. Adobe Reader and Acrobat Contains a vulnerability that allows arbitrary code execution. This vulnerability CVE-2011-0590 , CVE-2011-0591 , CVE-2011-0592 , CVE-2011-0593 and CVE-2011-0600 Is a different vulnerability.By a third party 3D An arbitrary code may be executed via the file. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the application\u0027s implementation of an image format supported by the Universal 3D compressed file format. When decoding the image data provided by the file, the application will use one size for allocating space for the destination buffer and then trust the data when decompressing into that buffer. Due to the decompression being unbounded by the actual buffer size, a buffer overflow can be made to occur leading to code execution under the context of the application. \n\nFor more information:\nSA43207\n\nSOLUTION:\nUpdated packages are available via Red Hat Network. \n\n-- Vendor Response:\nAdobe has issued an update to correct this vulnerability. More\ndetails can be found at:\n\nhttp://www.adobe.com/support/security/bulletins/apsb11-03.html\n\n-- Disclosure Timeline:\n2010-10-18 - Vulnerability reported to vendor\n2011-02-08 - Coordinated public release of advisory\n\n-- Credit:\nThis vulnerability was discovered by:\n * Peter Vreugdenhil ( http://vreugdenhilresearch.nl )\n\n-- About the Zero Day Initiative (ZDI):\nEstablished by TippingPoint, The Zero Day Initiative (ZDI) represents \na best-of-breed model for rewarding security researchers for responsibly\ndisclosing discovered vulnerabilities. \n\nResearchers interested in getting paid for their security research\nthrough the ZDI can find more information and sign-up at:\n\n http://www.zerodayinitiative.com\n\nThe ZDI is unique in how the acquired vulnerability information is\nused. TippingPoint does not re-sell the vulnerability details or any\nexploit code. Instead, upon notifying the affected product vendor,\nTippingPoint provides its customers with zero day protection through\nits intrusion prevention technology. Explicit details regarding the\nspecifics of the vulnerability are not exposed to any parties until\nan official vendor patch is publicly available. Furthermore, with the\naltruistic aim of helping to secure a broader user base, TippingPoint\nprovides this vulnerability information confidentially to security\nvendors (including competitors) who have a vulnerability protection or\nmitigation product. \n\nOur vulnerability disclosure policy is available online at:\n\n http://www.zerodayinitiative.com/advisories/disclosure_policy/\n\nFollow the ZDI on Twitter:\n\n http://twitter.com/thezdi\n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. ----------------------------------------------------------------------\n\n\nGet a tax break on purchases of Secunia Solutions!\n\nIf you are a U.S. company, you may be qualified for a tax break for your software purchases. Learn more at:\nhttp://secunia.com/products/corporate/vim/section_179/\n\n\n----------------------------------------------------------------------\n\nTITLE:\nAdobe Reader / Acrobat Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA43207\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/43207/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43207\n\nRELEASE DATE:\n2011-02-09\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/43207/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/43207/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43207\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Adobe Reader /\nAcrobat, which can be exploited by malicious, local users to gain\nescalated privileges and by malicious people to conduct cross-site\nscripting attacks and compromise a user\u0027s system. \n\n2) An unspecified error can be exploited to corrupt memory. \n\n3) An unspecified error related to file permissions in Windows-based\nversions can be exploited to gain escalated privileges. \n\n4) An unspecified error may allow code execution. \n\n5) An unspecified error when parsing images can be exploited to\ncorrupt memory. \n\n6) An error in AcroRd32.dll when parsing certain images can be\nexploited to corrupt memory. \n\n7) An unspecified error in the Macintosh-based versions may allow\ncode execution. \n\n9) An unspecified error may allow code execution. \n\n10) A input validation error may allow code execution. \n\n11) An input validation error can be exploited to conduct cross-site\nscripting attacks. \n\n13) An unspecified error can be exploited to corrupt memory. \n\n18) An input validation error when parsing fonts may allow code\nexecution. \n\n20) An error in 2d.dll when parsing height and width values of RLE_8\ncompressed BMP files can be exploited to cause a heap-based buffer\noverflow. \n\n21) An integer overflow in ACE.dll when parsing certain ICC data can\nbe exploited to cause a buffer overflow. \n\n22) A boundary error in rt3d.dll when parsing bits per pixel and\nnumber of colors if 4/8-bit RLE compressed BMP files can be exploited\nto cause a heap-based buffer overflow. \n\n23) An error in the U3D implementation when handling the Parent Node\ncount can be exploited to cause a buffer overflow. \n\n24) A boundary error when processing JPEG files embedded in a PDF\nfile can be exploited to corrupt heap memory. \n\n25) An unspecified error when parsing images may allow code\nexecution. \n\n26) An input validation error can be exploited to conduct cross-site\nscripting attacks. \n\n27) An unspecified error in the Macintosh-based versions may allow\ncode execution. \n\n28) A boundary error in rt3d.dll when parsing certain files can be\nexploited to cause a stack-based buffer overflow. \n\n29) An integer overflow in the U3D implementation when parsing a ILBM\ntexture file can be exploited to cause a buffer overflow. \n\n30) Some vulnerabilities are caused due to vulnerabilities in the\nbundled version of Adobe Flash Player. \n\nFor more information:\nSA43267\n\nThe vulnerabilities are reported in versions 8.2.5 and prior, 9.4.1\nand prior, and 10.0 and prior. \n\nSOLUTION:\nUpdate to version 8.2.6, 9.4.2, or 10.0.1. \n\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nPROVIDED AND/OR DISCOVERED BY:\n2) Bing Liu, Fortinet\u0027s FortiGuard Labs. \n6) Abdullah Ada via ZDI. \n8) Haifei Li, Fortinet\u0027s FortiGuard Labs. \n14 - 17, 19, 20, 22, 29) Peter Vreugdenhil via ZDI. \n21) Sebastian Apelt via ZDI. \n23) el via ZDI. \n14) Sean Larsson, iDefense Labs. \n28) An anonymous person via ZDI. \n\nThe vendor also credits:\n1) Mitja Kolsek, ACROS Security. \n3) Matthew Pun. \n4, 5, 18) Tavis Ormandy, Google Security Team. \n7) James Quirk. \n9) Brett Gervasoni, Sense of Security. \n10) Joe Schatz. \n11, 26) Billy Rios, Google Security Team. \n12) Greg MacManus, iSIGHT Partners Labs and Parvez Anwar. \n13) CESG. \n25) Will Dormann, CERT. \n27) Marc Schoenefeld, Red Hat Security Response Team. \n\nORIGINAL ADVISORY:\nAdobe (APSB11-03)\nhttp://www.adobe.com/support/security/bulletins/apsb11-03.html\nhttp://www.adobe.com/support/security/bulletins/apsb11-02.html\n\nZDI:\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-065/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-066/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-067/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-068/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-069/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-070/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-071/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-072/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-073/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-074/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-075/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-077/\n\nFortiGuard Labs:\nhttp://www.fortiguard.com/advisory/FGA-2011-06.html\n\niDefense:\nhttp://labs.idefense.com/intelligence/vulnerabilities/display.php?id=891\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. Please\nreview the CVE identifiers referenced below for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Reader users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-text/acroread-9.4.7\"\n\nReferences\n==========\n\n[ 1 ] CVE-2010-4091\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4091\n[ 2 ] CVE-2011-0562\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0562\n[ 3 ] CVE-2011-0563\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0563\n[ 4 ] CVE-2011-0565\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0565\n[ 5 ] CVE-2011-0566\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0566\n[ 6 ] CVE-2011-0567\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0567\n[ 7 ] CVE-2011-0570\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0570\n[ 8 ] CVE-2011-0585\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0585\n[ 9 ] CVE-2011-0586\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0586\n[ 10 ] CVE-2011-0587\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0587\n[ 11 ] CVE-2011-0588\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0588\n[ 12 ] CVE-2011-0589\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0589\n[ 13 ] CVE-2011-0590\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0590\n[ 14 ] CVE-2011-0591\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0591\n[ 15 ] CVE-2011-0592\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0592\n[ 16 ] CVE-2011-0593\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0593\n[ 17 ] CVE-2011-0594\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0594\n[ 18 ] CVE-2011-0595\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0595\n[ 19 ] CVE-2011-0596\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0596\n[ 20 ] CVE-2011-0598\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0598\n[ 21 ] CVE-2011-0599\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0599\n[ 22 ] CVE-2011-0600\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0600\n[ 23 ] CVE-2011-0602\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0602\n[ 24 ] CVE-2011-0603\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0603\n[ 25 ] CVE-2011-0604\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0604\n[ 26 ] CVE-2011-0605\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0605\n[ 27 ] CVE-2011-0606\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0606\n[ 28 ] CVE-2011-2130\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2130\n[ 29 ] CVE-2011-2134\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2134\n[ 30 ] CVE-2011-2135\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2135\n[ 31 ] CVE-2011-2136\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2136\n[ 32 ] CVE-2011-2137\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2137\n[ 33 ] CVE-2011-2138\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2138\n[ 34 ] CVE-2011-2139\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2139\n[ 35 ] CVE-2011-2140\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2140\n[ 36 ] CVE-2011-2414\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2414\n[ 37 ] CVE-2011-2415\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2415\n[ 38 ] CVE-2011-2416\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2416\n[ 39 ] CVE-2011-2417\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2417\n[ 40 ] CVE-2011-2424\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2424\n[ 41 ] CVE-2011-2425\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2425\n[ 42 ] CVE-2011-2431\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2431\n[ 43 ] CVE-2011-2432\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2432\n[ 44 ] CVE-2011-2433\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2433\n[ 45 ] CVE-2011-2434\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2434\n[ 46 ] CVE-2011-2435\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2435\n[ 47 ] CVE-2011-2436\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2436\n[ 48 ] CVE-2011-2437\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2437\n[ 49 ] CVE-2011-2438\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2438\n[ 50 ] CVE-2011-2439\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2439\n[ 51 ] CVE-2011-2440\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2440\n[ 52 ] CVE-2011-2441\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2441\n[ 53 ] CVE-2011-2442\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2442\n[ 54 ] CVE-2011-2462\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2462\n[ 55 ] CVE-2011-4369\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4369\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201201-19.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2012 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n", "sources": [ { "db": "NVD", "id": "CVE-2011-0595" }, { "db": "JVNDB", "id": "JVNDB-2011-001207" }, { "db": "ZDI", "id": "ZDI-11-070" }, { "db": "BID", "id": "46212" }, { "db": "VULHUB", "id": "VHN-48540" }, { "db": "PACKETSTORM", "id": "99246" }, { "db": "PACKETSTORM", "id": "98278" }, { "db": "PACKETSTORM", "id": "98320" }, { "db": "PACKETSTORM", "id": "109194" } ], "trust": 2.97 }, "exploit_availability": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "reference": "https://www.scap.org.cn/vuln/vhn-48540", "trust": 0.1, "type": "unknown" } ], "sources": [ { "db": "VULHUB", "id": "VHN-48540" } ] }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2011-0595", "trust": 3.7 }, { "db": "ZDI", "id": "ZDI-11-070", "trust": 2.3 }, { "db": "BID", "id": "46212", "trust": 2.2 }, { "db": "SECTRACK", "id": "1025033", "trust": 1.9 }, { "db": "VUPEN", "id": "ADV-2011-0337", "trust": 1.9 }, { "db": "SECUNIA", "id": "43470", "trust": 1.2 }, { "db": "VUPEN", "id": "ADV-2011-0492", "trust": 1.1 }, { "db": "SECUNIA", "id": "43207", "trust": 1.0 }, { "db": "JVNDB", "id": "JVNDB-2011-001207", "trust": 0.8 }, { "db": "ZDI_CAN", "id": "ZDI-CAN-900", "trust": 0.7 }, { "db": "CNNVD", "id": "CNNVD-201102-140", "trust": 0.7 }, { "db": "PACKETSTORM", "id": "98278", "trust": 0.2 }, { "db": "VULHUB", "id": "VHN-48540", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "99246", "trust": 0.1 }, { "db": "ZDI", "id": "ZDI-11-074", "trust": 0.1 }, { "db": "ZDI", "id": "ZDI-11-071", "trust": 0.1 }, { "db": "ZDI", "id": "ZDI-11-066", "trust": 0.1 }, { "db": "ZDI", "id": "ZDI-11-067", "trust": 0.1 }, { "db": "ZDI", "id": "ZDI-11-077", "trust": 0.1 }, { "db": "ZDI", "id": "ZDI-11-073", "trust": 0.1 }, { "db": "ZDI", "id": "ZDI-11-072", "trust": 0.1 }, { "db": "ZDI", "id": "ZDI-11-065", "trust": 0.1 }, { "db": "ZDI", "id": "ZDI-11-068", "trust": 0.1 }, { "db": "ZDI", "id": "ZDI-11-075", "trust": 0.1 }, { "db": "ZDI", "id": "ZDI-11-069", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "98320", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "109194", "trust": 0.1 } ], "sources": [ { "db": "ZDI", "id": "ZDI-11-070" }, { "db": "VULHUB", "id": "VHN-48540" }, { "db": "BID", "id": "46212" }, { "db": "JVNDB", "id": "JVNDB-2011-001207" }, { "db": "PACKETSTORM", "id": "99246" }, { "db": "PACKETSTORM", "id": "98278" }, { "db": "PACKETSTORM", "id": "98320" }, { "db": "PACKETSTORM", "id": "109194" }, { "db": "NVD", "id": "CVE-2011-0595" }, { "db": "CNNVD", "id": "CNNVD-201102-140" } ] }, "id": "VAR-201102-0067", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-48540" } ], "trust": 0.01 }, "last_update_date": "2023-12-18T10:43:34.822000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "APSB11-03", "trust": 1.5, "url": "http://www.adobe.com/support/security/bulletins/apsb11-03.html" }, { "title": "cpsid_89065", "trust": 0.8, "url": "http://kb2.adobe.com/jp/cps/890/cpsid_89065.html" }, { "title": "RHSA-2011:0301", "trust": 0.8, "url": "https://rhn.redhat.com/errata/rhsa-2011-0301.html" } ], "sources": [ { "db": "ZDI", "id": "ZDI-11-070" }, { "db": "JVNDB", "id": "JVNDB-2011-001207" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-20", "trust": 1.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-48540" }, { "db": "JVNDB", "id": "JVNDB-2011-001207" }, { "db": "NVD", "id": "CVE-2011-0595" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.9, "url": "http://www.adobe.com/support/security/bulletins/apsb11-03.html" }, { "trust": 1.9, "url": "http://www.securityfocus.com/bid/46212" }, { "trust": 1.9, "url": "http://www.securitytracker.com/id?1025033" }, { "trust": 1.9, "url": "http://www.vupen.com/english/advisories/2011/0337" }, { "trust": 1.5, "url": "http://www.zerodayinitiative.com/advisories/zdi-11-070/" }, { "trust": 1.1, "url": "http://www.securityfocus.com/archive/1/516312" }, { "trust": 1.1, "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a12500" }, { "trust": 1.1, "url": "http://www.redhat.com/support/errata/rhsa-2011-0301.html" }, { "trust": 1.1, "url": "http://secunia.com/advisories/43470" }, { "trust": 1.1, "url": "http://www.vupen.com/english/advisories/2011/0492" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-0595" }, { "trust": 0.8, "url": "http://www.jpcert.or.jp/at/2011/at110004.txt" }, { "trust": 0.8, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-0595" }, { "trust": 0.8, "url": "http://secunia.com/advisories/43207" }, { "trust": 0.8, "url": "http://www.npa.go.jp/cyberpolice/#topics" }, { "trust": 0.3, "url": "http://www.adobe.com" }, { "trust": 0.3, "url": "/archive/1/516312" }, { "trust": 0.2, "url": "http://secunia.com/products/corporate/evm/" }, { "trust": 0.2, "url": "http://secunia.com/products/corporate/vim/section_179/" }, { "trust": 0.2, "url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/" }, { "trust": 0.2, "url": "http://secunia.com/advisories/secunia_security_advisories/" }, { "trust": 0.2, "url": "http://secunia.com/vulnerability_scanning/personal/" }, { "trust": 0.2, "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org" }, { "trust": 0.2, "url": "http://secunia.com/advisories/about_secunia_advisories/" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0595" }, { "trust": 0.1, "url": "http://secunia.com/advisories/43470/" }, { "trust": 0.1, "url": "http://secunia.com/advisories/43470/#comments" }, { "trust": 0.1, "url": "https://rhn.redhat.com/errata/rhsa-2011-0301.html" }, { "trust": 0.1, "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43470" }, { "trust": 0.1, "url": "http://www.zerodayinitiative.com/advisories/disclosure_policy/" }, { "trust": 0.1, "url": "http://www.zerodayinitiative.com/advisories/zdi-11-070" }, { "trust": 0.1, "url": "http://vreugdenhilresearch.nl" }, { "trust": 0.1, "url": "http://secunia.com/" }, { "trust": 0.1, "url": "http://twitter.com/thezdi" }, { "trust": 0.1, "url": "http://www.zerodayinitiative.com" }, { "trust": 0.1, "url": "http://lists.grok.org.uk/full-disclosure-charter.html" }, { "trust": 0.1, "url": "http://www.zerodayinitiative.com/advisories/zdi-11-066/" }, { "trust": 0.1, "url": "http://www.zerodayinitiative.com/advisories/zdi-11-068/" }, { "trust": 0.1, "url": "http://secunia.com/advisories/43207/#comments" }, { "trust": 0.1, "url": "http://www.zerodayinitiative.com/advisories/zdi-11-065/" }, { "trust": 0.1, "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43207" }, { "trust": 0.1, "url": "http://www.zerodayinitiative.com/advisories/zdi-11-072/" }, { "trust": 0.1, "url": "http://www.adobe.com/support/security/bulletins/apsb11-02.html" }, { "trust": 0.1, "url": "http://www.zerodayinitiative.com/advisories/zdi-11-073/" }, { "trust": 0.1, "url": "http://www.zerodayinitiative.com/advisories/zdi-11-069/" }, { "trust": 0.1, "url": "http://www.zerodayinitiative.com/advisories/zdi-11-075/" }, { "trust": 0.1, "url": "http://www.fortiguard.com/advisory/fga-2011-06.html" }, { "trust": 0.1, "url": "http://www.zerodayinitiative.com/advisories/zdi-11-077/" }, { "trust": 0.1, "url": "http://secunia.com/advisories/43207/" }, { "trust": 0.1, "url": "http://www.zerodayinitiative.com/advisories/zdi-11-067/" }, { "trust": 0.1, "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=891" }, { "trust": 0.1, "url": "http://www.zerodayinitiative.com/advisories/zdi-11-071/" }, { "trust": 0.1, "url": "http://www.zerodayinitiative.com/advisories/zdi-11-074/" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2432" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0599" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0604" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2130" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0567" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0605" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0591" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0586" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0587" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0587" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2438" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0600" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2414" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2417" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2462" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2434" }, { "trust": 0.1, "url": "http://creativecommons.org/licenses/by-sa/2.5" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2415" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0565" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0567" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0596" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0603" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0563" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2135" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2431" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0570" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2139" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0588" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2425" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0595" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2010-4091" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2416" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-4369" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0562" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2436" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2424" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0596" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0604" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0588" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2439" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0585" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2441" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0598" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2130" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0603" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0562" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0602" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0593" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0592" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2134" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0590" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2137" }, { "trust": 0.1, "url": "http://security.gentoo.org/glsa/glsa-201201-19.xml" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0585" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2138" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0586" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0589" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0565" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2136" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0606" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0570" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0594" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0589" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0600" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0592" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2433" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0566" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0599" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4091" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2442" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2437" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0606" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0566" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2435" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0594" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0605" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0563" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2140" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0591" }, { "trust": 0.1, "url": "http://security.gentoo.org/" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0593" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2440" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0602" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0590" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0598" }, { "trust": 0.1, "url": "https://bugs.gentoo.org." } ], "sources": [ { "db": "ZDI", "id": "ZDI-11-070" }, { "db": "VULHUB", "id": "VHN-48540" }, { "db": "BID", "id": "46212" }, { "db": "JVNDB", "id": "JVNDB-2011-001207" }, { "db": "PACKETSTORM", "id": "99246" }, { "db": "PACKETSTORM", "id": "98278" }, { "db": "PACKETSTORM", "id": "98320" }, { "db": "PACKETSTORM", "id": "109194" }, { "db": "NVD", "id": "CVE-2011-0595" }, { "db": "CNNVD", "id": "CNNVD-201102-140" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "ZDI", "id": "ZDI-11-070" }, { "db": "VULHUB", "id": "VHN-48540" }, { "db": "BID", "id": "46212" }, { "db": "JVNDB", "id": "JVNDB-2011-001207" }, { "db": "PACKETSTORM", "id": "99246" }, { "db": "PACKETSTORM", "id": "98278" }, { "db": "PACKETSTORM", "id": "98320" }, { "db": "PACKETSTORM", "id": "109194" }, { "db": "NVD", "id": "CVE-2011-0595" }, { "db": "CNNVD", "id": "CNNVD-201102-140" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2011-02-08T00:00:00", "db": "ZDI", "id": "ZDI-11-070" }, { "date": "2011-02-10T00:00:00", "db": "VULHUB", "id": "VHN-48540" }, { "date": "2011-02-08T00:00:00", "db": "BID", "id": "46212" }, { "date": "2011-03-09T00:00:00", "db": "JVNDB", "id": "JVNDB-2011-001207" }, { "date": "2011-03-14T11:37:12", "db": "PACKETSTORM", "id": "99246" }, { "date": "2011-02-08T22:28:42", "db": "PACKETSTORM", "id": "98278" }, { "date": "2011-02-09T03:30:01", "db": "PACKETSTORM", "id": "98320" }, { "date": "2012-01-31T00:07:37", "db": "PACKETSTORM", "id": "109194" }, { "date": "2011-02-10T18:00:58.643000", "db": "NVD", "id": "CVE-2011-0595" }, { "date": "2011-02-10T00:00:00", "db": "CNNVD", "id": "CNNVD-201102-140" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2011-02-08T00:00:00", "db": "ZDI", "id": "ZDI-11-070" }, { "date": "2018-10-30T00:00:00", "db": "VULHUB", "id": "VHN-48540" }, { "date": "2013-06-20T09:40:00", "db": "BID", "id": "46212" }, { "date": "2011-03-09T00:00:00", "db": "JVNDB", "id": "JVNDB-2011-001207" }, { "date": "2018-10-30T16:25:16.967000", "db": "NVD", "id": "CVE-2011-0595" }, { "date": "2011-07-06T00:00:00", "db": "CNNVD", "id": "CNNVD-201102-140" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "PACKETSTORM", "id": "98278" }, { "db": "PACKETSTORM", "id": "109194" }, { "db": "CNNVD", "id": "CNNVD-201102-140" } ], "trust": 0.8 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Adobe Reader and Acrobat Vulnerable to arbitrary code execution", "sources": [ { "db": "JVNDB", "id": "JVNDB-2011-001207" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "input validation", "sources": [ { "db": "CNNVD", "id": "CNNVD-201102-140" } ], "trust": 0.6 } }
gsd-2011-0595
Vulnerability from gsd
{ "GSD": { "alias": "CVE-2011-0595", "description": "Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via a crafted Universal 3D (U3D) file that triggers a buffer overflow during decompression, a different vulnerability than CVE-2011-0590, CVE-2011-0591, CVE-2011-0592, CVE-2011-0593, and CVE-2011-0600.", "id": "GSD-2011-0595", "references": [ "https://www.suse.com/security/cve/CVE-2011-0595.html", "https://access.redhat.com/errata/RHSA-2011:0301" ] }, "gsd": { "metadata": { "exploitCode": "unknown", "remediation": "unknown", "reportConfidence": "confirmed", "type": "vulnerability" }, "osvSchema": { "aliases": [ "CVE-2011-0595" ], "details": "Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via a crafted Universal 3D (U3D) file that triggers a buffer overflow during decompression, a different vulnerability than CVE-2011-0590, CVE-2011-0591, CVE-2011-0592, CVE-2011-0593, and CVE-2011-0600.", "id": "GSD-2011-0595", "modified": "2023-12-13T01:19:04.785009Z", "schema_version": "1.4.0" } }, "namespaces": { "cve.org": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2011-0595", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via a crafted Universal 3D (U3D) file that triggers a buffer overflow during decompression, a different vulnerability than CVE-2011-0590, CVE-2011-0591, CVE-2011-0592, CVE-2011-0593, and CVE-2011-0600." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "ADV-2011-0492", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2011/0492" }, { "name": "43470", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/43470" }, { "name": "RHSA-2011:0301", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2011-0301.html" }, { "name": "http://www.zerodayinitiative.com/advisories/ZDI-11-070/", "refsource": "MISC", "url": "http://www.zerodayinitiative.com/advisories/ZDI-11-070/" }, { "name": "ADV-2011-0337", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2011/0337" }, { "name": "1025033", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1025033" }, { "name": "20110208 ZDI-11-070: Adobe Acrobat Reader U3D Texture .fli RLE Decompression Remote Code Execution Vulnerability", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/516312" }, { "name": "oval:org.mitre.oval:def:12500", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12500" }, { "name": "46212", "refsource": "BID", "url": "http://www.securityfocus.com/bid/46212" }, { "name": "http://www.adobe.com/support/security/bulletins/apsb11-03.html", "refsource": "CONFIRM", "url": "http://www.adobe.com/support/security/bulletins/apsb11-03.html" } ] } }, "nvd.nist.gov": { "configurations": { "CVE_data_version": "4.0", "nodes": [ { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.3.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.3.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.1.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.1.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.2.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.1.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.1.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.4.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.1.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.1.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:10.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.3.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.3.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.1.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.1.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.2.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.2.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.1.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.2.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.1.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.1.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.3.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.1.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.1.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.1.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.1.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.4.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.1.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.3.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.3.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.1.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.1.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.2.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.2.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:10.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.3.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.1.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.2.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.2.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" } ] }, "cve": { "CVE_data_meta": { "ASSIGNER": "psirt@adobe.com", "ID": "CVE-2011-0595" }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "en", "value": "Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via a crafted Universal 3D (U3D) file that triggers a buffer overflow during decompression, a different vulnerability than CVE-2011-0590, CVE-2011-0591, CVE-2011-0592, CVE-2011-0593, and CVE-2011-0600." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "en", "value": "CWE-20" } ] } ] }, "references": { "reference_data": [ { "name": "http://www.adobe.com/support/security/bulletins/apsb11-03.html", "refsource": "CONFIRM", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.adobe.com/support/security/bulletins/apsb11-03.html" }, { "name": "ADV-2011-0337", "refsource": "VUPEN", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2011/0337" }, { "name": "1025033", "refsource": "SECTRACK", "tags": [], "url": "http://www.securitytracker.com/id?1025033" }, { "name": "RHSA-2011:0301", "refsource": "REDHAT", "tags": [], "url": "http://www.redhat.com/support/errata/RHSA-2011-0301.html" }, { "name": "43470", "refsource": "SECUNIA", "tags": [], "url": "http://secunia.com/advisories/43470" }, { "name": "20110208 ZDI-11-070: Adobe Acrobat Reader U3D Texture .fli RLE Decompression Remote Code Execution Vulnerability", "refsource": "BUGTRAQ", "tags": [], "url": "http://www.securityfocus.com/archive/1/516312" }, { "name": "46212", "refsource": "BID", "tags": [], "url": "http://www.securityfocus.com/bid/46212" }, { "name": "ADV-2011-0492", "refsource": "VUPEN", "tags": [], "url": "http://www.vupen.com/english/advisories/2011/0492" }, { "name": "http://www.zerodayinitiative.com/advisories/ZDI-11-070/", "refsource": "MISC", "tags": [], "url": "http://www.zerodayinitiative.com/advisories/ZDI-11-070/" }, { "name": "oval:org.mitre.oval:def:12500", "refsource": "OVAL", "tags": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12500" } ] } }, "impact": { "baseMetricV2": { "cvssV2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": true } }, "lastModifiedDate": "2018-10-30T16:25Z", "publishedDate": "2011-02-10T18:00Z" } } }
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.