This site is deprecated. Please
CLICK HERE for latest updates
Short Name |
HTTP:STC:ADOBE:PDF-LIBTIFF
|
Severity |
Major
|
Recommended |
No
|
Recommended Action |
Drop
|
Category |
HTTP
|
Keywords |
Adobe PDF Import Tiff Buffer Overflow
|
Release Date |
2010/04/15
|
Update Number |
1658
|
Supported Platforms |
idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+
|
HTTP: Adobe PDF Import Tiff Buffer Overflow
This signature detects attempts to exploit a known vulnerability in the Adobe Acrobat Reader. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the user.
Extended Description
Adobe Acrobat and Reader are prone to a remote code-execution vulnerability.
An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition.
The following products are affected:
Reader 9.3 for Windows, Macintosh, and UNIX
Acrobat 9.3 for Windows and Macintosh
Reader 8.2 for Windows and Macintosh
Acrobat 8.2 for Windows and Macintosh
NOTE: This BID was originally titled 'Adobe Acrobat and Reader APSB10-07 Unspecified Security Vulnerabilities' but has been updated with the release of the Adobe patches.
NOTE (February 19, 2010): Reports indicate that this issue may be related to the vulnerability discussed in BID 19283 (LibTIFF TiffFetchShortPair Remote Buffer Overflow Vulnerability). We will update this BID as more information emerges.
Affected Products
- Adobe acrobat 9.1.1
- Adobe acrobat 9.2
- Adobe acrobat 9.3
- Adobe acrobat_professional 8.0
- Adobe acrobat_professional 8.1
- Adobe acrobat_professional 8.1.1
- Adobe acrobat_professional 8.1.2
- Adobe acrobat_professional 8.1.2 Security Update 1
- Adobe acrobat_professional 8.1.3
- Adobe acrobat_professional 8.1.4
- Adobe acrobat_professional 8.1.6
- Adobe acrobat_professional 8.1.7
- Adobe acrobat_professional 8.2
- Adobe acrobat_professional 9
- Adobe acrobat_professional 9.1
- Adobe acrobat_professional 9.1.2
- Adobe acrobat_professional 9.1.3
- Adobe acrobat_professional 9.2
- Adobe acrobat_professional 9.3
- Adobe acrobat_standard 8.0
- Adobe acrobat_standard 8.1
- Adobe acrobat_standard 8.1.1
- Adobe acrobat_standard 8.1.2
- Adobe acrobat_standard 8.1.3
- Adobe acrobat_standard 8.1.4
- Adobe acrobat_standard 8.1.6
- Adobe acrobat_standard 8.1.7
- Adobe acrobat_standard 8.2
- Adobe acrobat_standard 9
- Adobe acrobat_standard 9.1
- Adobe acrobat_standard 9.1.2
- Adobe acrobat_standard 9.1.3
- Adobe acrobat_standard 9.2
- Adobe acrobat_standard 9.3
- Adobe reader 8.0
- Adobe reader 8.1
- Adobe reader 8.1.1
- Adobe reader 8.1.2
- Adobe reader 8.1.2 Security Update 1
- Adobe reader 8.1.3
- Adobe reader 8.1.4
- Adobe reader 8.1.5
- Adobe reader 8.1.6
- Adobe reader 8.1.7
- Adobe reader 8.2
- Adobe reader 9
- Adobe reader 9.1
- Adobe reader 9.1.1
- Adobe reader 9.1.2
- Adobe reader 9.1.3
- Adobe reader 9.2
- Adobe reader 9.3
- Gentoo linux
- Red_hat enterprise_linux_desktop 5 Client
- Red_hat enterprise_linux_desktop_supplementary 5 Client
- Red_hat enterprise_linux_es 4.8.Z
- Red_hat enterprise_linux_es_extras 4
- Red_hat enterprise_linux_eus 5.4.Z Server
- Suse moblin 2.0
- Suse opensuse 11.0
- Suse opensuse 11.1
- Suse opensuse 11.2
- Suse suse_linux_enterprise 11
- Suse suse_linux_enterprise_desktop 10 SP2
- Suse suse_linux_enterprise_desktop 10 SP3
References