PT-2014-1394 · Adobe · Reader+1

Publicado

2014-09-17

Atualizado

2017-08-29

CVE-2014-0568

CVSS v2.0

Alta

Vetor

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Adobe Reader versions 10.x through 10.1.11 Adobe Reader versions 11.x through 11.0.08 Adobe Acrobat versions 10.x through 10.1.11 Adobe Acrobat versions 11.x through 11.0.08

Description The issue allows attackers to bypass a sandbox protection mechanism and execute native code in a privileged context via an NTFS junction attack. This enables the execution of machine code in a privileged context, potentially leading to elevated privileges.

Recommendations For Adobe Reader versions 10.x through 10.1.11, update to version 10.1.12 or later. For Adobe Reader versions 11.x through 11.0.08, update to version 11.0.09 or later. For Adobe Acrobat versions 10.x through 10.1.11, update to version 10.1.12 or later. For Adobe Acrobat versions 11.x through 11.0.08, update to version 11.0.09 or later.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

BDU:2015-00318

BDU:2015-00319

CVE-2014-0568

Produtos afetados

Acrobat

Reader

PT-2014-1394 · Adobe · Reader+1

CVE-2014-0568

Identificadores relacionados

Produtos afetados

Referências · 9