Signature Detail

HTTP: Adobe Reader bProtectedMode Remote Code Execution

This signature detects attempts to exploit a known vulnerability against Adobe Reader. A successful attack can lead to arbitrary code execution.

Extended Description

Adobe Acrobat and Reader are prone to a local privilege-escalation vulnerability. Local attackers can exploit this issue to execute arbitrary code with elevated privileges.

Affected Products

• Adobe Acrobat 10.0
• Adobe Acrobat 10.0.1
• Adobe Acrobat 10.0.2
• Adobe Acrobat 10.0.3
• Adobe Acrobat 10.1
• Adobe Acrobat Professional 10.0
• Adobe Acrobat Professional 10.0.1
• Adobe Acrobat Professional 10.0.2
• Adobe Acrobat Professional 10.0.3
• Adobe Acrobat Professional 10.1
• Adobe Acrobat Standard 10.0
• Adobe Acrobat Standard 10.0.1
• Adobe Acrobat Standard 10.0.2
• Adobe Acrobat Standard 10.0.3
• Adobe Acrobat Standard 10.1
• Adobe Reader 10.0
• Adobe Reader 10.0.1
• Adobe Reader 10.0.2
• Adobe Reader 10.0.3
• Adobe Reader 10.1
• SuSE openSUSE 11.3
• SuSE openSUSE 11.4
• SuSE SUSE Linux Enterprise Desktop 10 SP4
• SuSE SUSE Linux Enterprise Desktop 11 SP1

References

• BugTraq: 49586
• CVE: CVE-2011-1353