Adobe Reader PDF 3D Image JavaScript RemoveItem Code Execution (APSB11-16;CVE-2011-2099)
| Check Point Reference: | CPAI-2011-310 | |
| Date Published: | ||
| Severity: | ||
| Source: | Adobe Security Bulletin APSB11-16 | |
| Industry Reference(s): | CVE-2011-2099 | |
| Protection Provided by: |
Security Gateway
|
|
| Who is Vulnerable? Adobe Reader X (10.0.1) and earlier 10.x versions for Windows
Adobe Reader X (10.0.3) and earlier 10.x versions for Macintosh
Adobe Reader 9.4.4 and earlier 9.x versions for Windows and Macintosh
Adobe Reader 8.2.6 and earlier 8.x versions for Windows and Macintosh
Adobe Acrobat X (10.0.3) and earlier 10.x versions for Windows and Macintosh
Adobe Acrobat 9.4.4 and earlier 9.x versions for Windows and Macintosh
Adobe Acrobat 8.2.6 and earlier 8.x versions for Windows and Macintosh
| ||
| Vulnerability Description A memory corruption vulnerability has been reported in Adobe Reader that could potentially allow an attacker to crash the application and take control of the system. |
||
|
Update/Patch Available Upgrade to newer version of Adobe Reader |
|
|
Vulnerability Details The volenerabilty is in the way that Adobe Reader handles JavaScript code PDF files. A remote attacker could exploit this volenerabilty by convincing a victim to open malformed PDF file with Adobe Reader. Successful exploitation of this vulnerability could allow the attacker to crash the application and take control of the system. |
Protection Overview
The protection will detect and block transferring of suspicious PDF files over HTTP
To configure the defense, select your product from the list below and follow the related protection steps.