Signature Detail

HTTP: Adobe Acrobat and Reader ICC CLUT Field Remote Code Execution

This signature detects attempts to exploit a known vulnerability against Adobe Acrobat and Reader. A successful attack can lead to arbitrary code execution.

Extended Description

Adobe Acrobat and Reader are prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. Adobe Reader and Acrobat versions prior to 9.4.2 and 10.0.1 are affected.

Affected Products

• Adobe acrobat 10.0
• Adobe acrobat 8.1.5
• Adobe acrobat 8.2.2
• Adobe acrobat 8.2.3
• Adobe acrobat 8.2.4
• Adobe acrobat 8.2.5
• Adobe acrobat 9.1.1
• Adobe acrobat 9.2
• Adobe acrobat 9.3
• Adobe acrobat 9.3.1
• Adobe acrobat 9.3.2
• Adobe acrobat 9.3.3
• Adobe acrobat 9.3.3
• Adobe acrobat 9.3.4
• Adobe acrobat 9.3.4
• Adobe acrobat 9.4
• Adobe acrobat 9.4.1
• Adobe acrobat_professional 10.0
• Adobe acrobat_professional 8.0
• Adobe acrobat_professional 8.1
• Adobe acrobat_professional 8.1.1
• Adobe acrobat_professional 8.1.2
• Adobe acrobat_professional 8.1.2 Security Update 1
• Adobe acrobat_professional 8.1.3
• Adobe acrobat_professional 8.1.4
• Adobe acrobat_professional 8.1.6
• Adobe acrobat_professional 8.1.7
• Adobe acrobat_professional 8.2
• Adobe acrobat_professional 8.2.1
• Adobe acrobat_professional 8.2.2
• Adobe acrobat_professional 8.2.4
• Adobe acrobat_professional 8.2.5
• Adobe acrobat_professional 9
• Adobe acrobat_professional 9.1
• Adobe acrobat_professional 9.1.2
• Adobe acrobat_professional 9.1.3
• Adobe acrobat_professional 9.2
• Adobe acrobat_professional 9.3
• Adobe acrobat_professional 9.3.1
• Adobe acrobat_professional 9.3.2
• Adobe acrobat_professional 9.3.3
• Adobe acrobat_professional 9.3.4
• Adobe acrobat_professional 9.4
• Adobe acrobat_professional 9.4.1
• Adobe acrobat_professional 9 Extended
• Adobe acrobat_standard 10.0
• Adobe acrobat_standard 8.0
• Adobe acrobat_standard 8.1
• Adobe acrobat_standard 8.1.1
• Adobe acrobat_standard 8.1.2
• Adobe acrobat_standard 8.1.3
• Adobe acrobat_standard 8.1.4
• Adobe acrobat_standard 8.1.6
• Adobe acrobat_standard 8.1.7
• Adobe acrobat_standard 8.2
• Adobe acrobat_standard 8.2.1
• Adobe acrobat_standard 8.2.2
• Adobe acrobat_standard 8.2.4
• Adobe acrobat_standard 8.2.5
• Adobe acrobat_standard 9
• Adobe acrobat_standard 9.1
• Adobe acrobat_standard 9.1.2
• Adobe acrobat_standard 9.1.3
• Adobe acrobat_standard 9.2
• Adobe acrobat_standard 9.3
• Adobe acrobat_standard 9.3.1
• Adobe acrobat_standard 9.3.2
• Adobe acrobat_standard 9.3.3
• Adobe acrobat_standard 9.3.4
• Adobe acrobat_standard 9.3.4
• Adobe acrobat_standard 9.4
• Adobe acrobat_standard 9.4.1
• Adobe reader 10.0
• Adobe reader 8.0
• Adobe reader 8.1
• Adobe reader 8.1.1
• Adobe reader 8.1.2
• Adobe reader 8.1.2 Security Update 1
• Adobe reader 8.1.3
• Adobe reader 8.1.4
• Adobe reader 8.1.5
• Adobe reader 8.1.6
• Adobe reader 8.1.7
• Adobe reader 8.2
• Adobe reader 8.2.1
• Adobe reader 8.2.2
• Adobe reader 8.2.3
• Adobe reader 8.2.4
• Adobe reader 8.2.5
• Adobe reader 9
• Adobe reader 9.1
• Adobe reader 9.1.1
• Adobe reader 9.1.2
• Adobe reader 9.1.3
• Adobe reader 9.2
• Adobe reader 9.3
• Adobe reader 9.3.1
• Adobe reader 9.3.2
• Adobe reader 9.3.3
• Adobe reader 9.3.4
• Adobe reader 9.3.4
• Adobe reader 9.4
• Adobe reader 9.4.1
• Gentoo linux
• Red_hat desktop_extras 4
• Red_hat enterprise_linux_as_extras 4
• Red_hat enterprise_linux_desktop_supplementary 5 Client
• Red_hat enterprise_linux_desktop_supplementary 6
• Red_hat enterprise_linux_es_extras 4
• Red_hat enterprise_linux_extras 4
• Red_hat enterprise_linux_server_supplementary 6
• Red_hat enterprise_linux_supplementary 5 Server
• Red_hat enterprise_linux_workstation_supplementary 6
• Red_hat enterprise_linux_ws_extras 4
• Suse opensuse 11.2
• Suse opensuse 11.3
• Suse suse_linux_enterprise_desktop 10 SP3
• Suse suse_linux_enterprise_desktop 11 SP1

References

• BugTraq: 46219
• CVE: CVE-2011-0598