Published: 2010-04-24T08:49+00:00
Last Updated: 2010-04-24T08:49+00:00
JVNTR-2010-13
Adobe Reader and Acrobat Vulnerabilities (TA10-103C)
Overview
Adobe has released Security Bulletin APSB10-09, which describes multiple vulnerabilities affecting Adobe Reader and Acrobat.
Event Information
Date (UTC) | Description |
2010-04-14 02:48 |
JPCERT/CC JPCERT-AT-2010-0009: Vulnerability in Adobe Reader and Acrobat |
2010-04-13 18:55 |
SANS Internet Storm Center Security update available for Adobe Reader and Acrobat Adobe has also released updates for their Reader and Acrobat products. |
2010-04-13 18:39 |
US-CERT Adobe Releases Security Updates for Adobe Reader and Acrobat US-CERT Current Activity Adobe has released security updates to address multiple vulnerabilities that affect the following: Adobe Reader 9.3.1 and earlier, Adobe Acrobat 9.3.1 and earlier, Adobe Reader 8.2.1 and earlier, Adobe Acrobat 8.2.1 and earlier |
2010-04-13 11:14 |
Adobe APSB10-09: Security Advisory for Adobe Reader and Acrobat Adobe recommends users of Adobe Reader 9.3.1 and earlier versions for Windows, Macintosh and UNIX update to Adobe Reader 9.3.2. (For Adobe Reader users on Windows and Macintosh, who cannot update to Adobe Reader 9.3.2, Adobe has provided the Adobe Reader 8.2.2 update.) Adobe recommends users of Adobe Acrobat 9.3.1 and earlier versions for Windows and Macintosh update to Adobe Acrobat 9.3.2. Adobe recommends users of Acrobat 8.2.1 and earlier versions for Windows and Macintosh update to Acrobat 8.2.2. |
2010-04-08 10:04 |
Adobe Pre-Notification - Quarterly Security Update for Adobe Reader and Acrobat Adobe Product Security Incident Response Team (PSIRT) |
2010-04-08 10:04 |
Adobe APSB10-09: Security Advisory for Adobe Reader and Acrobat Adobe is planning to release updates for Adobe Reader 9.3.1 for Windows, Macintosh and UNIX, Adobe Acrobat 9.3.1 for Windows and Macintosh, and Adobe Reader 8.2.1 and Acrobat 8.2.1 for Windows and Macintosh to resolve critical security issues. Adobe expects to make these quarterly updates available on April 13, 2010. |
2010-03-16 |
VUPEN VUPEN/ADV-2010-0873: Adobe Acrobat and Reader PNG Data Buffer Overflow Vulnerability PNG Data Buffer Overflow Vulnerability (CVE-2010-0198) Vulnerability Reported This vulnerability is caused by a buffer overflow error when processing malformed PNG data, which could be exploited by attackers to execute arbitrary code by tricking a user into opening a specially crafted PDF document. |
2010-03-16 |
VUPEN VUPEN/ADV-2010-0873: Adobe Acrobat and Reader JPEG Data Buffer Overflow Vulnerability PNG Data Buffer Overflow Vulnerability (CVE-2010-0199) Vulnerability Reported This vulnerability is caused by a buffer overflow error when processing malformed JPEG data, which could be exploited by attackers to execute arbitrary code by tricking a user into opening a specially crafted PDF document. |
2010-03-16 |
VUPEN VUPEN/ADV-2010-0873: Adobe Acrobat and Reader GIF Data Buffer Overflow Vulnerability GIF Data Buffer Overflow Vulnerability (CVE-2010-0202) Vulnerability Reported This vulnerability is caused by a buffer overflow error when processing malformed GIF (Graphics Interchange Format) data, which could be exploited by attackers to execute arbitrary code by tricking a user into opening a specially crafted PDF document. |
2010-03-16 |
VUPEN VUPEN/ADV-2010-0873: Adobe Acrobat and Reader BMP Data Buffer Overflow Vulnerability BMP Data Buffer Overflow Vulnerability (CVE-2010-0203) Vulnerability Reported This vulnerability is caused by a buffer overflow error when processing malformed BitMap (BMP) data, which could be exploited by attackers to execute arbitrary code by tricking a user into opening a specially crafted PDF document. |
2010-02-18 |
Zero Day Initiative (ZDI) ZDI-10-071: Adobe Reader TrueType Font Handling Remote Code Execution Vulnerability Font Handling Vulnerability (CVE-2010-0195) Reported The specific flaw exists within the parsing of embedded fonts inside a PDF document. Upon parsing particular tables out of a font file the application will miscalculate an index used for seeking into a buffer. Later the application will begin to copy data into the calculated pointer corrupting the referenced data structure. Successful exploitation will lead to code execution under the context of the application. |