Vulnerability & Exploit Database

Back to search

RHSA-2011:1434: acroread security update

Severity CVSS Published Added Modified
10 (AV:N/AC:L/Au:N/C:C/I:C/A:C) August 09, 2011 November 09, 2011 September 06, 2015

Available Exploits 

Description

Adobe Reader allows users to view and print documents in Portable DocumentFormat (PDF).This update fixes multiple security flaws in Adobe Reader. These flaws aredetailed on the Adobe security page APSB11-24, listed in the Referencessection. A specially-crafted PDF file could cause Adobe Reader to crash or,potentially, execute arbitrary code as the user running Adobe Reader whenopened. (CVE-2011-2431, CVE-2011-2432, CVE-2011-2433, CVE-2011-2434,CVE-2011-2435, CVE-2011-2436, CVE-2011-2437, CVE-2011-2438, CVE-2011-2439,CVE-2011-2440, CVE-2011-2442)This update also fixes multiple security flaws in Adobe Flash Playerembedded in Adobe Reader. These flaws are detailed on the Adobe securitypages APSB11-21 and APSB11-26, listed in the References section.A PDF file with an embedded, specially-crafted SWF file could cause AdobeReader to crash or, potentially, execute arbitrary code as the user runningAdobe Reader when opened. (CVE-2011-2130, CVE-2011-2134, CVE-2011-2135,CVE-2011-2136, CVE-2011-2137, CVE-2011-2138, CVE-2011-2139, CVE-2011-2140,CVE-2011-2414, CVE-2011-2415, CVE-2011-2416, CVE-2011-2417, CVE-2011-2424,CVE-2011-2425, CVE-2011-2426, CVE-2011-2427, CVE-2011-2428, CVE-2011-2430)A flaw in Adobe Flash Player could allow an attacker to conduct cross-sitescripting (XSS) attacks if a victim were tricked into visiting aspecially-crafted web page. (CVE-2011-2444)This update also fixes an information disclosure flaw in Adobe FlashPlayer. (CVE-2011-2429)All Adobe Reader users should install these updated packages. They containAdobe Reader version 9.4.6, which is not vulnerable to these issues. Allrunning instances of Adobe Reader must be restarted for the update to takeeffect.

Free Nexpose Download

Discover, prioritize, and remediate security risks today!

 Download now

References

Solution

linuxrpm-upgrade-rhel50-ix86-acroread

Related Vulnerabilities