Vulnerability & Exploit Database

Back to search

RHSA-2010:0743: acroread security update

Severity CVSS Published Added Modified
9 (AV:N/AC:M/Au:N/C:C/I:C/A:C) October 05, 2010 October 13, 2010 July 03, 2017

Available Exploits 

Description

Adobe Reader allows users to view and print documents in Portable DocumentFormat (PDF).This update fixes multiple vulnerabilities in Adobe Reader. Thesevulnerabilities are detailed on the Adobe security page APSB10-21, listedin the References section.A specially-crafted PDF file could cause Adobe Reader to crash or,potentially, execute arbitrary code as the user running Adobe Reader whenopened. (CVE-2010-2883, CVE-2010-2884, CVE-2010-2889, CVE-2010-2890,CVE-2010-3619, CVE-2010-3620, CVE-2010-3621, CVE-2010-3622, CVE-2010-3625,CVE-2010-3626, CVE-2010-3627, CVE-2010-3628, CVE-2010-3629, CVE-2010-3630,CVE-2010-3632, CVE-2010-3658)An insecure relative RPATH (runtime library search path) set in some AdobeReader libraries could allow a local attacker, who is able to convinceanother user to run Adobe Reader in an attacker-controlled directory, toexecute arbitrary code with the privileges of the victim. (CVE-2010-2887)A specially-crafted PDF file could cause Adobe Reader to crash when opened.(CVE-2010-3656, CVE-2010-3657)All Adobe Reader users should install these updated packages. They containAdobe Reader version 9.4, which is not vulnerable to these issues. Allrunning instances of Adobe Reader must be restarted for the update to takeeffect.

Free Nexpose Download

Discover, prioritize, and remediate security risks today!

 Download now

References

Solution

redhat-upgrade-acroread

Related Vulnerabilities