var-201201-0079
Vulnerability from variot
Adobe Reader and Acrobat before 9.5, and 10.x before 10.1.2, on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-4370 and CVE-2011-4372. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within 2d.x3d, which is Adobe Reader's code responsible for processing BMP files. When passing a negative size parameter in the 'colors' field, a series of signed comparisons will be averted, and the overly large size parameter is passed to a memcpy(). Failed exploit attempts will likely cause denial-of-service conditions. Adobe Reader and Acrobat Both Adobe Adobe ) company's products. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
ZDI-12-021 : Adobe Reader BMP Resource Signedness Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-021 February 8, 2012
-
-- CVE ID: CVE-2011-4373
-
-- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P
-
-- Affected Vendors:
Adobe
- -- Affected Products:
Adobe Reader
-
-- TippingPoint(TM) IPS Customer Protection: TippingPoint IPS customers have been protected against this vulnerability by Digital Vaccine protection filter ID 12017.
-
-- Vendor Response:
Adobe has issued an update to correct this vulnerability. More details can be found at:
http://www.adobe.com/support/security/bulletins/apsb12-01.html
- -- Disclosure Timeline: 2011-10-28 - Vulnerability reported to vendor
2012-02-08 - Coordinated public release of advisory
-
-- Credit: This vulnerability was discovered by:
-
Alin Rad Pop
-
-- About the Zero Day Initiative (ZDI): Established by TippingPoint, The Zero Day Initiative (ZDI) represents a best-of-breed model for rewarding security researchers for responsibly disclosing discovered vulnerabilities.
Researchers interested in getting paid for their security research through the ZDI can find more information and sign-up at:
http://www.zerodayinitiative.com
The ZDI is unique in how the acquired vulnerability information is used. TippingPoint does not re-sell the vulnerability details or any exploit code. Instead, upon notifying the affected product vendor, TippingPoint provides its customers with zero day protection through its intrusion prevention technology. Explicit details regarding the specifics of the vulnerability are not exposed to any parties until an official vendor patch is publicly available. Furthermore, with the altruistic aim of helping to secure a broader user base, TippingPoint provides this vulnerability information confidentially to security vendors (including competitors) who have a vulnerability protection or mitigation product.
Our vulnerability disclosure policy is available online at:
http://www.zerodayinitiative.com/advisories/disclosure_policy/
Follow the ZDI on Twitter:
http://twitter.com/thezdi
-----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.17 (MingW32)
iQEcBAEBAgAGBQJPMq81AAoJEFVtgMGTo1scKo0H/RBf8xeNOSi+vB165I6YTW/O 06jR18N54qnTH37TRIptj3n0UdgcGoFpDjGMFWEfEt0yTc1gG8fEEtO0Q/m6bOJN 6oaHav+VdyAPDcw13VRiRL7QnvR5NqAGvdzYikO7QpiVEOmTvWetK8/ODPqziNHc 5jWQB9p7bCkXxgNrY9PkyWkE9seFa1G8apYX4rdJC/DUXJIcPHy7YgdFykrcw4c/ r84LSfPBAuLPuZnHVBcxPlx21LIYYJdZuF0zHkqGx0x1WG04GatJmzNsLiruVzNt +EKgjt9XUFmuZa7ovYvHiDkyFtGWCSgmrOM3Iy5EOdpfexKhUltel7qHYzTE3QA= =nWOH -----END PGP SIGNATURE----- .
Background
Adobe Reader is a closed-source PDF reader.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 app-text/acroread < 9.5.1 >= 9.5.1
Description
Multiple vulnerabilities have been found in Adobe Reader, including an integer overflow in TrueType Font handling (CVE-2012-0774) and multiple unspecified errors which could cause memory corruption.
Impact
A remote attacker could entice a user to open a specially crafted PDF file, possibly resulting in execution of arbitrary code with the privileges of the process or a Denial of Service condition.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Reader users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=app-text/acroread-9.5.1"
References
[ 1 ] CVE-2011-4370 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4370 [ 2 ] CVE-2011-4371 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4371 [ 3 ] CVE-2011-4372 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4372 [ 4 ] CVE-2011-4373 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4373 [ 5 ] CVE-2012-0774 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0774 [ 6 ] CVE-2012-0775 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0775 [ 7 ] CVE-2012-0776 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0776 [ 8 ] CVE-2012-0777 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0777
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201206-14.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2012 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201201-0079",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "reader",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.4.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.4.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.4.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.4.6"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.6"
},
{
"model": "reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.5"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.5"
},
{
"model": "reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "9.4.6 and 9.x previous version for macintosh"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "9.4.7 and 9.x previous version for windows"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.1) 10.x for windows and macintosh"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "9.4.6 and 9.x previous version for macintosh"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "9.4.7 and 9.x previous version for windows"
},
{
"model": "reader",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.1) 10.x for windows and macintosh"
},
{
"model": "reader",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.7"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.5"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.7"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.6"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.5"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.5"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.5"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.5"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.5"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-12-021"
},
{
"db": "BID",
"id": "51350"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001041"
},
{
"db": "NVD",
"id": "CVE-2011-4373"
},
{
"db": "CNNVD",
"id": "CNNVD-201201-108"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "10.1.1",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "10.1.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:reader:9.4.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.4.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "9.4.6",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "9.4.6",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:reader:9.4.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.4.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "9.4.5",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "9.4.5",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2011-4373"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Alin Rad Pop",
"sources": [
{
"db": "ZDI",
"id": "ZDI-12-021"
}
],
"trust": 0.7
},
"cve": "CVE-2011-4373",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 7.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2011-4373",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 1.5,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-52318",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2011-4373",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2011-4373",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2011-4373",
"trust": 0.7,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201201-108",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-52318",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-12-021"
},
{
"db": "VULHUB",
"id": "VHN-52318"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001041"
},
{
"db": "NVD",
"id": "CVE-2011-4373"
},
{
"db": "CNNVD",
"id": "CNNVD-201201-108"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat before 9.5, and 10.x before 10.1.2, on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-4370 and CVE-2011-4372. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within 2d.x3d, which is Adobe Reader\u0027s code responsible for processing BMP files. When passing a negative size parameter in the \u0027colors\u0027 field, a series of signed comparisons will be averted, and the overly large size parameter is passed to a memcpy(). Failed exploit attempts will likely cause denial-of-service conditions. Adobe Reader and Acrobat Both Adobe Adobe ) company\u0027s products. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nZDI-12-021 : Adobe Reader BMP Resource Signedness Remote Code\nExecution Vulnerability\nhttp://www.zerodayinitiative.com/advisories/ZDI-12-021\nFebruary 8, 2012\n\n- -- CVE ID:\nCVE-2011-4373\n\n- -- CVSS:\n7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P\n\n- -- Affected Vendors:\n\nAdobe\n\n\n\n- -- Affected Products:\n\nAdobe Reader\n\n\n\n- -- TippingPoint(TM) IPS Customer Protection:\nTippingPoint IPS customers have been protected against this\nvulnerability by Digital Vaccine protection filter ID 12017. \n\n- -- Vendor Response:\n\nAdobe has issued an update to correct this vulnerability. More details\ncan be found at:\n\nhttp://www.adobe.com/support/security/bulletins/apsb12-01.html\n\n\n\n\n- -- Disclosure Timeline:\n2011-10-28 - Vulnerability reported to vendor\n\n2012-02-08 - Coordinated public release of advisory\n\n\n\n- -- Credit:\nThis vulnerability was discovered by:\n\n* Alin Rad Pop\n\n\n\n- -- About the Zero Day Initiative (ZDI):\nEstablished by TippingPoint, The Zero Day Initiative (ZDI) represents\na best-of-breed model for rewarding security researchers for responsibly\ndisclosing discovered vulnerabilities. \n\nResearchers interested in getting paid for their security research\nthrough the ZDI can find more information and sign-up at:\n\n http://www.zerodayinitiative.com\n\nThe ZDI is unique in how the acquired vulnerability information is\nused. TippingPoint does not re-sell the vulnerability details or any\nexploit code. Instead, upon notifying the affected product vendor,\nTippingPoint provides its customers with zero day protection through\nits intrusion prevention technology. Explicit details regarding the\nspecifics of the vulnerability are not exposed to any parties until\nan official vendor patch is publicly available. Furthermore, with the\naltruistic aim of helping to secure a broader user base, TippingPoint\nprovides this vulnerability information confidentially to security\nvendors (including competitors) who have a vulnerability protection or\nmitigation product. \n\nOur vulnerability disclosure policy is available online at:\n\n http://www.zerodayinitiative.com/advisories/disclosure_policy/\n\nFollow the ZDI on Twitter:\n\n http://twitter.com/thezdi\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v2.0.17 (MingW32)\n\niQEcBAEBAgAGBQJPMq81AAoJEFVtgMGTo1scKo0H/RBf8xeNOSi+vB165I6YTW/O\n06jR18N54qnTH37TRIptj3n0UdgcGoFpDjGMFWEfEt0yTc1gG8fEEtO0Q/m6bOJN\n6oaHav+VdyAPDcw13VRiRL7QnvR5NqAGvdzYikO7QpiVEOmTvWetK8/ODPqziNHc\n5jWQB9p7bCkXxgNrY9PkyWkE9seFa1G8apYX4rdJC/DUXJIcPHy7YgdFykrcw4c/\nr84LSfPBAuLPuZnHVBcxPlx21LIYYJdZuF0zHkqGx0x1WG04GatJmzNsLiruVzNt\n+EKgjt9XUFmuZa7ovYvHiDkyFtGWCSgmrOM3Iy5EOdpfexKhUltel7qHYzTE3QA=\n=nWOH\n-----END PGP SIGNATURE-----\n. \n\nBackground\n==========\n\nAdobe Reader is a closed-source PDF reader. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 app-text/acroread \u003c 9.5.1 \u003e= 9.5.1\n\nDescription\n===========\n\nMultiple vulnerabilities have been found in Adobe Reader, including an\ninteger overflow in TrueType Font handling (CVE-2012-0774) and multiple\nunspecified errors which could cause memory corruption. \n\nImpact\n======\n\nA remote attacker could entice a user to open a specially crafted PDF\nfile, possibly resulting in execution of arbitrary code with the\nprivileges of the process or a Denial of Service condition. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Reader users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-text/acroread-9.5.1\"\n\nReferences\n==========\n\n[ 1 ] CVE-2011-4370\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4370\n[ 2 ] CVE-2011-4371\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4371\n[ 3 ] CVE-2011-4372\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4372\n[ 4 ] CVE-2011-4373\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4373\n[ 5 ] CVE-2012-0774\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0774\n[ 6 ] CVE-2012-0775\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0775\n[ 7 ] CVE-2012-0776\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0776\n[ 8 ] CVE-2012-0777\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0777\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201206-14.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2012 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2011-4373"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001041"
},
{
"db": "ZDI",
"id": "ZDI-12-021"
},
{
"db": "BID",
"id": "51350"
},
{
"db": "VULHUB",
"id": "VHN-52318"
},
{
"db": "PACKETSTORM",
"id": "109553"
},
{
"db": "PACKETSTORM",
"id": "114069"
}
],
"trust": 2.79
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-52318",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-52318"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2011-4373",
"trust": 3.7
},
{
"db": "BID",
"id": "51350",
"trust": 2.0
},
{
"db": "SECTRACK",
"id": "1026496",
"trust": 1.7
},
{
"db": "ZDI",
"id": "ZDI-12-021",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001041",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-1426",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201201-108",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "109553",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-52318",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "114069",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-12-021"
},
{
"db": "VULHUB",
"id": "VHN-52318"
},
{
"db": "BID",
"id": "51350"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001041"
},
{
"db": "PACKETSTORM",
"id": "109553"
},
{
"db": "PACKETSTORM",
"id": "114069"
},
{
"db": "NVD",
"id": "CVE-2011-4373"
},
{
"db": "CNNVD",
"id": "CNNVD-201201-108"
}
]
},
"id": "VAR-201201-0079",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-52318"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T11:27:44.520000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB12-01",
"trust": 1.5,
"url": "http://www.adobe.com/support/security/bulletins/apsb12-01.html"
},
{
"title": "APSB12-01",
"trust": 0.8,
"url": "http://www.adobe.com/jp/support/security/bulletins/apsb12-01.html"
},
{
"title": "cpsid_92823",
"trust": 0.8,
"url": "http://kb2.adobe.com/jp/cps/928/cpsid_92823.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20120112.html"
},
{
"title": "AcrobatUpd1012",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=42400"
},
{
"title": "AdbeRdrUpd1012",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=42399"
},
{
"title": "AdbeRdrUpd950_mui",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=42398"
},
{
"title": "AcrobatUpd1012",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=42402"
},
{
"title": "AcrobatUpd945_all_incr",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=42401"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-12-021"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001041"
},
{
"db": "CNNVD",
"id": "CNNVD-201201-108"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-787",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2011-4373"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb12-01.html"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/51350"
},
{
"trust": 1.7,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a14615"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id?1026496"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-4373"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2012/at120003.txt"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-4373"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/#topics\\\\"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-12-021/"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-4373"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/disclosure_policy/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-12-021"
},
{
"trust": 0.1,
"url": "http://twitter.com/thezdi"
},
{
"trust": 0.1,
"url": "http://www.tippingpoint.com"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-4370"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0775"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-0777"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-4371"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-0776"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-0774"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-4373"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-4371"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0776"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0774"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201206-14.xml"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-0775"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-4372"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0777"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-4370"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-4372"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-12-021"
},
{
"db": "VULHUB",
"id": "VHN-52318"
},
{
"db": "BID",
"id": "51350"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001041"
},
{
"db": "PACKETSTORM",
"id": "109553"
},
{
"db": "PACKETSTORM",
"id": "114069"
},
{
"db": "NVD",
"id": "CVE-2011-4373"
},
{
"db": "CNNVD",
"id": "CNNVD-201201-108"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-12-021"
},
{
"db": "VULHUB",
"id": "VHN-52318"
},
{
"db": "BID",
"id": "51350"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001041"
},
{
"db": "PACKETSTORM",
"id": "109553"
},
{
"db": "PACKETSTORM",
"id": "114069"
},
{
"db": "NVD",
"id": "CVE-2011-4373"
},
{
"db": "CNNVD",
"id": "CNNVD-201201-108"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-02-08T00:00:00",
"db": "ZDI",
"id": "ZDI-12-021"
},
{
"date": "2012-01-10T00:00:00",
"db": "VULHUB",
"id": "VHN-52318"
},
{
"date": "2012-01-10T00:00:00",
"db": "BID",
"id": "51350"
},
{
"date": "2012-01-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-001041"
},
{
"date": "2012-02-08T21:36:22",
"db": "PACKETSTORM",
"id": "109553"
},
{
"date": "2012-06-22T20:23:37",
"db": "PACKETSTORM",
"id": "114069"
},
{
"date": "2012-01-10T21:55:03.637000",
"db": "NVD",
"id": "CVE-2011-4373"
},
{
"date": "2012-01-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201201-108"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-02-08T00:00:00",
"db": "ZDI",
"id": "ZDI-12-021"
},
{
"date": "2017-09-19T00:00:00",
"db": "VULHUB",
"id": "VHN-52318"
},
{
"date": "2013-06-20T09:40:00",
"db": "BID",
"id": "51350"
},
{
"date": "2012-01-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-001041"
},
{
"date": "2022-06-03T15:50:48.373000",
"db": "NVD",
"id": "CVE-2011-4373"
},
{
"date": "2022-06-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201201-108"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "109553"
},
{
"db": "PACKETSTORM",
"id": "114069"
},
{
"db": "CNNVD",
"id": "CNNVD-201201-108"
}
],
"trust": 0.8
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-001041"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201201-108"
}
],
"trust": 0.6
}
}
Loading...
Loading...
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.