CVE-2011-2462

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Adobe Reader versions 9.x through 9.4.6 Adobe Reader and Adobe Acrobat versions 10.1.1 and earlier

Description The issue is related to a memory corruption vulnerability in the U3D component of Adobe Reader and Adobe Acrobat. This vulnerability can be exploited by a remote attacker to execute arbitrary code or cause a denial of service due to memory corruption. The vulnerability was exploited in the wild in December 2011.

Recommendations For Adobe Reader versions 9.x through 9.4.6, update to a version later than 9.4.6 to resolve the issue. For Adobe Reader and Adobe Acrobat versions 10.1.1 and earlier, update to a version later than 10.1.1 to resolve the issue. As a temporary workaround, consider disabling the U3D component in Adobe Reader and Adobe Acrobat until a patch is available.

Exploit

Fix

RCE

DoS

Buffer Overflow

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119CWE-787

Related Identifiers

BDU:2022-03558

CVE-2011-2462

OPENSUSE-SU-2012_0087-1

RHSA-2012:0011

RHSA-2012_0011

SUSE-SU-2012_0086-1

Affected Products

Acrobat

Reader

Red Hat

Suse

CVE-2011-2462

Weakness Enumeration

Related Identifiers

Affected Products

References · 36