PT-2013-1524 · Adobe+2 · Reader+3
Publicado
2013-01-10
·
Atualizado
2017-09-19
·
CVE-2012-1530
CVSS v2.0
10
Alta
| Vetor | AV:N/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Adobe Reader and Acrobat versions 9.x through 9.5.2
Adobe Reader and Acrobat versions 10.x through 10.1.4
Adobe Reader and Acrobat versions 11.x through 11.0.0
Description
A heap-based buffer overflow issue exists in the XSLT engine, allowing attackers to execute arbitrary code or cause a denial of service via a crafted PDF file containing an XSL file. This occurs when the lang function processes XML data with a crafted node-set, leading to memory corruption.
Recommendations
For Adobe Reader and Acrobat versions 9.x through 9.5.2, update to version 9.5.3 or later.
For Adobe Reader and Acrobat versions 10.x through 10.1.4, update to version 10.1.5 or later.
For Adobe Reader and Acrobat versions 11.x through 11.0.0, update to version 11.0.1 or later.
Correção
DoS
Buffer Overflow
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Acrobat
Reader
Red Hat
Suse