This site is deprecated. Please
CLICK HERE for latest updates
Short Name |
HTTP:STC:DL:PDF-PRINTSEPS
|
Severity |
Major
|
Recommended |
No
|
Recommended Action |
Drop
|
Category |
HTTP
|
Keywords |
Adobe Reader printSeps Memory Corruption
|
Release Date |
2010/11/29
|
Update Number |
1822
|
Supported Platforms |
idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+
|
HTTP: Adobe Reader printSeps Memory Corruption
This signature detects attempts to exploit a known memory corruption vulnerability in Adobe Acrobat and Reader products. It is due to a design error when parsing PDF files containing a JavaScript call to the Doc.printSeps method. Remote attackers can exploit this by enticing target users to open the malicious PDF document in a vulnerable version of Adobe Reader. A successful attack allows for arbitrary code injection and execution with the privileges of the currently logged in user. If the code execution fails, the vulnerable application can terminate abnormally.
Extended Description
Adobe Reader is prone to a remote memory-corruption vulnerability.
Successful exploits may allow attackers to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will result in a denial-of-service condition.
Adobe Reader versions 9.4.0 and 8.1.7 are affected; other versions may also be vulnerable.
Affected Products
- Adobe acrobat 10.0
- Adobe acrobat_professional 10.0
- Adobe acrobat_standard 10.0
- Adobe reader 10.0
- Adobe reader 8.0
- Adobe reader 8.1
- Adobe reader 8.1.1
- Adobe reader 8.1.2
- Adobe reader 8.1.2 Security Update 1
- Adobe reader 8.1.3
- Adobe reader 8.1.4
- Adobe reader 8.1.5
- Adobe reader 8.1.6
- Adobe reader 8.1.7
- Adobe reader 8.2
- Adobe reader 8.2.1
- Adobe reader 8.2.2
- Adobe reader 8.2.3
- Adobe reader 8.2.4
- Adobe reader 8.2.5
- Adobe reader 9
- Adobe reader 9.1
- Adobe reader 9.1.1
- Adobe reader 9.1.2
- Adobe reader 9.1.3
- Adobe reader 9.2
- Adobe reader 9.3
- Adobe reader 9.3.1
- Adobe reader 9.3.2
- Adobe reader 9.3.3
- Adobe reader 9.3.4
- Adobe reader 9.3.4
- Adobe reader 9.4
- Gentoo linux
- Red_hat desktop_extras 4
- Red_hat enterprise_linux_as_extras 4
- Red_hat enterprise_linux_desktop_supplementary 5 Client
- Red_hat enterprise_linux_desktop_supplementary 6
- Red_hat enterprise_linux_es_extras 4
- Red_hat enterprise_linux_extras 4
- Red_hat enterprise_linux_server_supplementary 6
- Red_hat enterprise_linux_supplementary 5 Server
- Red_hat enterprise_linux_workstation_supplementary 6
- Red_hat enterprise_linux_ws_extras 4
- Suse opensuse 11.1
- Suse opensuse 11.2
- Suse opensuse 11.3
- Suse suse_linux_enterprise_desktop 10 SP3
- Suse suse_linux_enterprise_desktop 11
- Suse suse_linux_enterprise_desktop 11 SP1
References