Signature Detail
Short Name |
HTTP:STC:ADOBE:TOOLBUTTON-UAF |
|---|---|
Severity |
High |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Adobe Acrobat Reader ToolButton Use After Free |
Release Date |
2014/02/18 |
Update Number |
2346 |
Supported Platforms |
idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
HTTP: Adobe Acrobat Reader ToolButton Use After Free
This signature detects attempts to exploit a known vulnerability against Adobe Acrobat Reader. The vulnerability is due to an error in the handling of callback functions associated with ToolButton objects. A remote attacker can exploit this vulnerability by enticing the user to open a specially crafted file. Successful exploitation could result in arbitrary code execution in the context of the currently affected user.
Extended Description
Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2718, CVE-2013-2719, CVE-2013-2720, CVE-2013-2721, CVE-2013-2722, CVE-2013-2723, CVE-2013-2725, CVE-2013-2726, CVE-2013-2731, CVE-2013-2732, CVE-2013-2734, CVE-2013-2735, CVE-2013-2736, CVE-2013-3337, CVE-2013-3338, CVE-2013-3339, CVE-2013-3340, and CVE-2013-3341.
Affected Products
- adobe acrobat 10.0.1 (-:pro)
- adobe acrobat 10.0.2
- adobe acrobat 10.0.3
- adobe acrobat 10.0 (-:pro)
- adobe acrobat 10.1
- adobe acrobat 10.1.1
- adobe acrobat 10.1.2
- adobe acrobat 10.1.3
- adobe acrobat 10.1.4
- adobe acrobat 10.1.5
- adobe acrobat 10.1.6
- adobe acrobat 11.0
- adobe acrobat 11.0.1
- adobe acrobat 11.0.2
- adobe acrobat 9.0 (-:pro)
- adobe acrobat 9.1.1 (-)
- adobe acrobat 9.1.2
- adobe acrobat 9.1.3 (-)
- adobe acrobat 9.1 (-:pro)
- adobe acrobat 9.2 (-)
- adobe acrobat 9.3.1 (-)
- adobe acrobat 9.3.2 (-)
- adobe acrobat 9.3.3
- adobe acrobat 9.3.4 (-)
- adobe acrobat 9.3 (-:pro)
- adobe acrobat 9.4
- adobe acrobat 9.4.1 (-)
- adobe acrobat 9.4.2 (-)
- adobe acrobat 9.4.3 (-)
- adobe acrobat 9.4.4 (-)
- adobe acrobat 9.4.5 (-)
- adobe acrobat 9.4.6 (-)
- adobe acrobat 9.4.7
- adobe acrobat 9.5
- adobe acrobat 9.5.1
- adobe acrobat 9.5.2
- adobe acrobat 9.5.3
- adobe acrobat 9.5.4
- adobe acrobat_reader 10.0
- adobe acrobat_reader 10.0.1
- adobe acrobat_reader 10.0.2
- adobe acrobat_reader 10.0.3
- adobe acrobat_reader 10.1
- adobe acrobat_reader 10.1.1
- adobe acrobat_reader 10.1.2
- adobe acrobat_reader 10.1.3
- adobe acrobat_reader 10.1.4
- adobe acrobat_reader 10.1.5
- adobe acrobat_reader 10.1.6
- adobe acrobat_reader 11.0
- adobe acrobat_reader 11.0.1
- adobe acrobat_reader 11.0.2
- adobe acrobat_reader 11.0.3
- adobe acrobat_reader 9.0
- adobe acrobat_reader 9.1
- adobe acrobat_reader 9.1.1
- adobe acrobat_reader 9.1.2
- adobe acrobat_reader 9.1.3
- adobe acrobat_reader 9.2
- adobe acrobat_reader 9.3
- adobe acrobat_reader 9.3.1
- adobe acrobat_reader 9.3.2
- adobe acrobat_reader 9.3.3
- adobe acrobat_reader 9.3.4
- adobe acrobat_reader 9.4
- adobe acrobat_reader 9.4.1
- adobe acrobat_reader 9.4.2
- adobe acrobat_reader 9.4.3
- adobe acrobat_reader 9.4.4
- adobe acrobat_reader 9.4.5
- adobe acrobat_reader 9.4.6
- adobe acrobat_reader 9.4.7
- adobe acrobat_reader 9.5
- adobe acrobat_reader 9.5.1
- adobe acrobat_reader 9.5.2
- adobe acrobat_reader 9.5.3
- adobe acrobat_reader 9.5.4
References
- BugTraq: 62149
- CVE: CVE-2013-3346