Adobe Reader PDF CIDFont Dictionary Memory Corruption (APSB11-16; CVE-2011-2105)
| Check Point Reference: | CPAI-2011-311 | |
| Date Published: | ||
| Severity: | ||
| Last Updated: | ||
| Source: | Adobe Security Bulletin APSB11-16 | |
| Industry Reference(s): | CVE-2011-2105 | |
| Protection Provided by: |
Security Gateway
|
|
| Who is Vulnerable? Adobe Reader X (10.0.1) and earlier 10.x versions for Windows Adobe Reader X (10.0.3) and earlier 10.x versions for Macintosh Adobe Reader 9.4.4 and earlier 9.x versions for Windows and Macintosh Adobe Reader 8.2.6 and earlier 8.x versions for Windows and Macintosh Adobe Acrobat X (10.0.3) and earlier 10.x versions for Windows and Macintosh Adobe Acrobat 9.4.4 and earlier 9.x versions for Windows and Macintosh Adobe Acrobat 8.2.6 and earlier 8.x versions for Windows and Macintosh | ||
| Vulnerability Description A memory corruption vulnerability has been reported in Adobe Reader. Successful exploitation of this vulnerability may cause a memory corruption, causing the application to crash, and may allow execution of arbitrary code once a malicious PDF file is loaded on a vulnerable system. |
||
|
Update/Patch Available Upgrade to newer version of Adobe Reader |
|
|
Vulnerability Details This is a memory corruption vulnerability. The vulnerability is due to an error in Adobe Reader when handling PDF files that contain CIDFont Dictionary entries. A remote attacker could trigger these flaws via a specially crafted PDF file. Successful exploitation of this vulnerability may cause a memory corruption, causing the application to crash, and may allow execution of arbitrary code once a malicious PDF file is loaded on a vulnerable system. |
Protection Overview
This protection will detect and block the transferring of malformed PDF files over HTTP.
To configure the defense, select your product from the list below and follow the related protection steps.