Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-announce

From: Alex Legler <a3li@g.o>
To: gentoo-announce@l.g.o
Cc: bugtraq@×××××××××××××.com, full-disclosure@××××××××××××××.uk, security-alerts@×××××××××××××.com
Subject: [gentoo-announce] [ GLSA 201201-19 ] Adobe Reader: Multiple vulnerabilities
Date: Mon, 30 Jan 2012 13:15:25
Message-Id: 201201301345.40645.a3li@gentoo.org
1 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
2 Gentoo Linux Security Advisory GLSA 201201-19
3 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
4 http://security.gentoo.org/
5 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
6
7 Severity: Normal
8 Title: Adobe Reader: Multiple vulnerabilities
9 Date: January 30, 2012
10 Bugs: #354211, #382969, #393481
11 ID: 201201-19
12
13 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
14
15 Synopsis
16 ========
17
18 Multiple vulnerabilities in Adobe Reader might allow remote attackers
19 to execute arbitrary code or conduct various other attacks.
20
21 Background
22 ==========
23
24 Adobe Reader is a closed-source PDF reader.
25
26 Affected packages
27 =================
28
29 -------------------------------------------------------------------
30 Package / Vulnerable / Unaffected
31 -------------------------------------------------------------------
32 1 app-text/acroread < 9.4.7 >= 9.4.7
33
34 Description
35 ===========
36
37 Multiple vulnerabilities have been discovered in Adobe Reader. Please
38 review the CVE identifiers referenced below for details.
39
40 Impact
41 ======
42
43 A remote attacker could entice a user to open a specially crafted PDF
44 file using Adobe Reader, possibly resulting in the remote execution of
45 arbitrary code, a Denial of Service, or other impact.
46
47 Workaround
48 ==========
49
50 There is no known workaround at this time.
51
52 Resolution
53 ==========
54
55 All Adobe Reader users should upgrade to the latest version:
56
57 # emerge --sync
58 # emerge --ask --oneshot --verbose ">=app-text/acroread-9.4.7"
59
60 References
61 ==========
62
63 [ 1 ] CVE-2010-4091
64 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4091
65 [ 2 ] CVE-2011-0562
66 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0562
67 [ 3 ] CVE-2011-0563
68 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0563
69 [ 4 ] CVE-2011-0565
70 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0565
71 [ 5 ] CVE-2011-0566
72 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0566
73 [ 6 ] CVE-2011-0567
74 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0567
75 [ 7 ] CVE-2011-0570
76 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0570
77 [ 8 ] CVE-2011-0585
78 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0585
79 [ 9 ] CVE-2011-0586
80 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0586
81 [ 10 ] CVE-2011-0587
82 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0587
83 [ 11 ] CVE-2011-0588
84 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0588
85 [ 12 ] CVE-2011-0589
86 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0589
87 [ 13 ] CVE-2011-0590
88 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0590
89 [ 14 ] CVE-2011-0591
90 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0591
91 [ 15 ] CVE-2011-0592
92 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0592
93 [ 16 ] CVE-2011-0593
94 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0593
95 [ 17 ] CVE-2011-0594
96 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0594
97 [ 18 ] CVE-2011-0595
98 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0595
99 [ 19 ] CVE-2011-0596
100 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0596
101 [ 20 ] CVE-2011-0598
102 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0598
103 [ 21 ] CVE-2011-0599
104 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0599
105 [ 22 ] CVE-2011-0600
106 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0600
107 [ 23 ] CVE-2011-0602
108 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0602
109 [ 24 ] CVE-2011-0603
110 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0603
111 [ 25 ] CVE-2011-0604
112 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0604
113 [ 26 ] CVE-2011-0605
114 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0605
115 [ 27 ] CVE-2011-0606
116 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0606
117 [ 28 ] CVE-2011-2130
118 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2130
119 [ 29 ] CVE-2011-2134
120 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2134
121 [ 30 ] CVE-2011-2135
122 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2135
123 [ 31 ] CVE-2011-2136
124 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2136
125 [ 32 ] CVE-2011-2137
126 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2137
127 [ 33 ] CVE-2011-2138
128 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2138
129 [ 34 ] CVE-2011-2139
130 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2139
131 [ 35 ] CVE-2011-2140
132 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2140
133 [ 36 ] CVE-2011-2414
134 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2414
135 [ 37 ] CVE-2011-2415
136 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2415
137 [ 38 ] CVE-2011-2416
138 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2416
139 [ 39 ] CVE-2011-2417
140 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2417
141 [ 40 ] CVE-2011-2424
142 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2424
143 [ 41 ] CVE-2011-2425
144 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2425
145 [ 42 ] CVE-2011-2431
146 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2431
147 [ 43 ] CVE-2011-2432
148 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2432
149 [ 44 ] CVE-2011-2433
150 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2433
151 [ 45 ] CVE-2011-2434
152 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2434
153 [ 46 ] CVE-2011-2435
154 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2435
155 [ 47 ] CVE-2011-2436
156 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2436
157 [ 48 ] CVE-2011-2437
158 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2437
159 [ 49 ] CVE-2011-2438
160 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2438
161 [ 50 ] CVE-2011-2439
162 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2439
163 [ 51 ] CVE-2011-2440
164 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2440
165 [ 52 ] CVE-2011-2441
166 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2441
167 [ 53 ] CVE-2011-2442
168 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2442
169 [ 54 ] CVE-2011-2462
170 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2462
171 [ 55 ] CVE-2011-4369
172 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4369
173
174 Availability
175 ============
176
177 This GLSA and any updates to it are available for viewing at
178 the Gentoo Security Website:
179
180 http://security.gentoo.org/glsa/glsa-201201-19.xml
181
182 Concerns?
183 =========
184
185 Security is a primary focus of Gentoo Linux and ensuring the
186 confidentiality and security of our users' machines is of utmost
187 importance to us. Any security concerns should be addressed to
188 security@g.o or alternatively, you may file a bug at
189 https://bugs.gentoo.org.
190
191 License
192 =======
193
194 Copyright 2012 Gentoo Foundation, Inc; referenced text
195 belongs to its owner(s).
196
197 The contents of this document are licensed under the
198 Creative Commons - Attribution / Share Alike license.
199
200 http://creativecommons.org/licenses/by-sa/2.5

Attachments

File name MIME type
signature.asc application/pgp-signature
Report Message
Find on MARC Find on Google Groups