[SingCERT] Adobe Acrobat/Reader Multiple Flaws Lets Remote Users Execute Arbitrary Code and Local users Gain Elevated Privileges
Published on Wednesday, 09 January 2013 14:46
[ Summary ]
Multiple vulnerabilities were reported in Adobe Acrobat/Reader. Successful exploitation of these vulnerabilities will allow
- A remote user can cause arbitrary code to be executed on the target user’s system.
- A local user can obtain elevated privileges on the target system.
- A user can bypass security restrictions.
This update will address the following vulnerabilities:
- A Memory corruption may error - CVE-2012-1530, CVE-2013-0601, CVE-2013-0605, CVE-2013-0616, CVE-2013-0619, CVE-2013-0620, CVE-2013-0623.
- A use-after-free may occur - CVE-2013-0602.
- A heap overflow may occur - CVE-2013-0603, CVE-2013-0604.
- A stack overflow may occur - CVE-2013-0610, CVE-2013-0626.
- A buffer overflow may occur - CVE-2013-0606, CVE-2013-0612, CVE-2013-0615, CVE-2013-0617, CVE-2013-0621.
- An integer overflow may occur - CVE-2013-0609, CVE-2013-0613.
- A local error may occur - CVE-2013-0607, CVE-2013-0608, CVE-2013-0611, CVE-2013-0614, CVE-2013-0618.
- A local user can gain elevated privileges - CVE-2013-0627.
- A user can bypass unspecified security restrictions - CVE-2013-0622, CVE-2013-0624.
Read more: [SingCERT] Adobe Acrobat/Reader Multiple Flaws Lets Remote Users Execute Arbitrary Code and Local...