Signature Detail
Short Name |
HTTP:STC:ADOBE:PDF-UAF-RCE |
|---|---|
Severity |
High |
Recommended |
Yes |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Adobe PDF Use After Free Handle Remote Code Execution |
Release Date |
2014/01/29 |
Update Number |
2339 |
Supported Platforms |
idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
HTTP: Adobe PDF Use After Free Handle Remote Code Execution
This signature detects attempts to exploit a known vulnerability in the Adobe Acrobat. A successful attack can lead to remote code execution within the context of the specified user.
Extended Description
Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.9 and 11.x before 11.0.06 on Windows and Mac OS X allows attackers to execute arbitrary code via unspecified vectors.
Affected Products
- adobe acrobat 10.1
- adobe acrobat 10.1.1
- adobe acrobat 10.1.2
- adobe acrobat 10.1.3
- adobe acrobat 10.1.4
- adobe acrobat 10.1.5
- adobe acrobat 10.1.6
- adobe acrobat 10.1.7
- adobe acrobat 11.0
- adobe acrobat 11.0.1
- adobe acrobat 11.0.2
- adobe acrobat 11.0.3
- adobe acrobat 11.0.4
- adobe acrobat up to 10.1.8
- adobe acrobat up to 11.0.5
- adobe acrobat_reader 10.1
- adobe acrobat_reader 10.1.1
- adobe acrobat_reader 10.1.2
- adobe acrobat_reader 10.1.3
- adobe acrobat_reader 10.1.4
- adobe acrobat_reader 10.1.5
- adobe acrobat_reader 10.1.6
- adobe acrobat_reader 10.1.7
- adobe acrobat_reader 11.0
- adobe acrobat_reader 11.0.1
- adobe acrobat_reader 11.0.2
- adobe acrobat_reader 11.0.3
- adobe acrobat_reader 11.0.4
- adobe acrobat_reader up to 10.1.8
References
- CVE: CVE-2014-0496