December 10, 2016

Adobe Releases Security Updates for Adobe Reader X

(LiveHacking.Com) – Adobe has released security updates for Adobe Reader to address vulnerabilities that could cause the application to crash and potentially allow an attacker to take control of the affected system.

The vulnerabilities fixed include:

  • An integer overflow in the True Type Font (TTF) handling that could lead to code execution (CVE-2012-0774).
  • A memory corruption in the JavaScript handling that could lead to code execution (CVE-2012-0775).
  • A security bypass via the Adobe Reader installer that could lead to code execution (CVE-2012-0776).
  • A memory corruption in the JavaScript API that could lead to code execution (CVE-2012-0777) (Macintosh and Linux only).

Affected Versions

  • Adobe Reader X (10.1.2) and earlier 10.x versions for Windows and Macintosh
  • Adobe Reader 9.5 and earlier 9.x versions for Windows and Macintosh
  • Adobe Reader 9.4.6 and earlier 9.x versions for Linux
  • Adobe Acrobat X (10.1.2) and earlier 10.x versions for Windows and Macintosh
  • Adobe Acrobat 9.5 and earlier 9.x versions for Windows and Macintosh

The Adobe Reader X (10.1.3) and Adobe Acrobat X (10.1.3) updates also incorporate the Adobe Flash Player updates as noted in Security Bulletins APSB12-03APSB12-05 and APSB12-07.

Share and Enjoy:
  • Print
  • Digg
  • StumbleUpon
  • del.icio.us
  • Facebook
  • Yahoo! Buzz
  • Twitter
  • Google Bookmarks