JPCERT-AT-2010-0022
JPCERT/CC
2010-08-20
<<< JPCERT/CC Alert 2010-08-20 >>>
Vulnerabilities in Adobe Reader and Acrobat
https://www.jpcert.or.jp/at/2010/at100022.txt
I. Overview
Multiple vulnerabilities exist in Adobe Acrobat, a PDF file creation
and conversion software, and Adobe Reader, a PDF file viewing software.
As a result, a remote attacker could terminate Adobe Reader and
Acrobat or execute arbitrary code by convincing a user to open a
specially crafted PDF file.
Adobe - Security Bulletins:
Security updates available for Adobe Reader and Acrobat
http://www.adobe.com/support/security/bulletins/apsb10-17.html
So far, JPCERT/CC has not confirmed any attacks exploiting these
vulnerabilities.
II. Products Affected
Affected products and versions are as follows:
- Adobe Reader 9.3.3 and earlier
- Adobe Acrobat 9.3.3 and earlier
- Adobe Reader 8.2.3 and earlier
- Adobe Acrobat 8.2.3 and earlier
III. Solution
Apply the corrected software provided by Adobe Systems. Adobe Reader
and Acrobat will be updated by starting the products, selecting the
menu Help (H), and then clicking Check for Updates (U).
If update is not possible, download the latest Adobe Reader and
Acrobat from the following URL:
Adobe.com - New downloads
http://www.adobe.com/support/downloads/new.jsp
For more information, refer to Adobe Systems' website.
IV. References
Adobe - Security Bulletins
Security updates available for Adobe Reader and Acrobat
http://www.adobe.com/support/security/bulletins/apsb10-17.html
US-CERT Technical Cyber Security Alert TA10-231A
Adobe Reader and Acrobat Vulnerabilities
http://www.us-cert.gov/cas/techalerts/TA10-231A.html
If you have any further questions or information regarding this
alert, please contact JPCERT/CC.
======================================================================
JPCERT Coordination Center (JPCERT/CC)
MAIL: info@jpcert.or.jp
TEL: +81-3-3518-4600 FAX: +81-3-3518-4602
https://www.jpcert.or.jp/english/
Top