Adobe Reader/Acrobat远程安全绕过漏洞

漏洞起因
输入验证错误
危险等级
中

影响系统
Adobe Reader 9.1.3
Adobe Reader 9.1.2
Adobe Reader 9.1.1
Adobe Reader 8.1.7
Adobe Reader 8.1.6
Adobe Reader 8.1.6
Adobe Reader 8.1.5
Adobe Reader 8.1.4
Adobe Reader 8.1.3
Adobe Reader 8.1.2
Adobe Reader 8.1.1
Adobe Reader 9.2
Adobe Reader 9.1
Adobe Reader 8.1.2 Security Updat
Adobe Reader 8.1
Adobe Reader 8.0
Adobe Acrobat Standard 9.1.3
Adobe Acrobat Standard 9.1.2
Adobe Acrobat Standard 8.1.7
Adobe Acrobat Standard 8.1.6
Adobe Acrobat Standard 8.1.4
Adobe Acrobat Standard 8.1.3
Adobe Acrobat Standard 8.1.2
Adobe Acrobat Standard 8.1.1
Adobe Acrobat Standard 9.2
Adobe Acrobat Standard 9.1
Adobe Acrobat Standard 9
Adobe Acrobat Standard 8.1
Adobe Acrobat Standard 8.0
Adobe Acrobat Professional 9.1.3
Adobe Acrobat Professional 9.1.2
Adobe Acrobat Professional 8.1.7
Adobe Acrobat Professional 8.1.6
Adobe Acrobat Professional 8.1.4
Adobe Acrobat Professional 8.1.3
Adobe Acrobat Professional 8.1.2
Adobe Acrobat Professional 8.1.1
Adobe Acrobat Professional 9.2
Adobe Acrobat Professional 9.1
Adobe Acrobat Professional 9
Adobe Acrobat Professional 8.1.2 Security Updat
Adobe Acrobat Professional 8.1
Adobe Acrobat Professional 8.0
Adobe Acrobat 9.1.1
Adobe Acrobat 9.2

不受影响系统
Adobe Reader 9.3
Adobe Reader 8.2
Adobe Acrobat Standard 9.3
Adobe Acrobat Standard 8.2
Adobe Acrobat Professional 9.3
Adobe Acrobat Professional 8.2
Adobe Acrobat 9.3

危害
远程攻击者可以利用漏洞进行脚本注入攻击。

攻击所需条件
攻击者必须构建恶意PDF文件，诱使用户处理。

漏洞信息
Adobe Reader/Acrobat是流行的处理PDF文件的应用程序。
默认的安全加强配置存在安全问题，允许脚本注入攻击。目前没有详细漏洞细节提供。

测试方法

厂商解决方案
Windows, Macintosh和UNIX平台下的Adobe Reader用户可从如下地址升级:
http://get.adobe.com/reader.
Acrobat
Windows平台下的Acrobat Standard和Pro用户可从如下地址升级:
http://www.adobe.com/support/downloads/product.jsp?product=1&platform=Windows.
Windows平台下的Acrobat Pro Extended用户可从如下地址升级: http://www.adobe.com/support/downloads/product.jsp?product=158&platform=Windows.
Windows平台下的Acrobat 3D用户可从如下地址升级: :
http://www.adobe.com/support/downloads/product.jsp?product=112&platform=Windows.
Macintosh平台下的Acrobat Pro用户可从如下地址升级: :
http://www.adobe.com/support/downloads/product.jsp?product=1&platform=Macintosh.

← Adobe Reader/Acrobat JpxDecode内存破坏漏洞

Adobe Reader/Acrobat 3D中装载DLL远程代码执行漏洞 →

ZeroBox Vulnerability Database

坚持！我们将做的更好！

Adobe Reader/Acrobat远程安全绕过漏洞

0 条评论。

发表评论