Adobe Acrobat and Reader multiple security vulnerabilities updated since 17.01.2010
Published:		15.03.2010
Source:		CERT
SecurityVulns ID:		10516
Type:		client
Level:		8/10
Description:		Code executions, memory corruptions, buffer overflow, integer overflow, DoS on PDF parsing.

Affected:		ADOBE : Reader 8.1
		ADOBE : Acrobat 8.1
		ADOBE : Reader 9.2
		ADOBE : Acrobat 9.2
		ADOBE : Acrobat 9.3
		ADOBE : Reader 9.3
CVE:		CVE-2010-0188
		CVE-2009-4324 (Use-after-free vulnerability in the Doc.media.newPlayer method in Adobe Reader and Acrobat 8.0 through 9.2, and possibly earlier versions, allows remote attackers to execute arbitrary code via a crafted PDF file using ZLib compressed streams, as exploited in the wild in December 2009.)
		CVE-2009-3959
		CVE-2009-3958
		CVE-2009-3957
		CVE-2009-3956
		CVE-2009-3955
		CVE-2009-3954
		CVE-2009-3953

Original document		villys777_(at)_gmail.com, CVE-2010-0188 Exploit Code (15.03.2010)
		IDEFENSE, iDefense Security Advisory 01.12.10: Adobe Reader and Acrobat JpxDecode Memory Corruption Vulnerability (17.01.2010)
		VUPEN Security Research, VUPEN Security Research - Adobe Acrobat and Reader U3D Integer Overflow Vulnerability (17.01.2010)
		ADOBE, Security updates available for Adobe Reader and Acrobat (17.01.2010)
		CERT, US-CERT Technical Cyber Security Alert TA10-013A -- Adobe Reader and Acrobat Vulnerabilities (17.01.2010)

Files:		Adobe PDF LibTiff Integer Overflow Code Execution
Discuss:		Read or add your comments to this news (1 comments)