Stay Secure with the Latest Linux Advisories


Explore Latest Linux Security advisories


Gentoo: GLSA-201309-10 Normal: Adobe Reader Arbitrary Execution

A vulnerability in Adobe Reader could result in execution of arbitrary code or Denial of Service.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201309-10
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: Adobe Reader: Arbitrary Code Execution
Date: September 15, 2013
Bugs: #483210
ID: 201309-10

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

A vulnerability in Adobe Reader could result in execution of arbitrary code or Denial of Service.

Background
==========

Adobe Reader is a closed-source PDF reader.

Affected packages
=================

    -------------------------------------------------------------------
     Package              /     Vulnerable     /            Unaffected
    -------------------------------------------------------------------
  1  app-text/acroread            < 9.5.5                    >= 9.5.5

Description
===========

An unspecified vulnerability exists in Adobe Reader.

Impact
======

An attacker could execute arbitrary code or cause a Denial of Service condition.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All Adobe Reader users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot --verbose ">=app-text/acroread-9.5.5"

References
==========

[ 1 ] CVE-2013-3346 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3346

Availability
============

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

https://security.gentoo.org/glsa/201309-10

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to [email address hidden] or alternatively, you may file a bug at https://bugs.gentoo.org.

License
=======

Copyright 2013 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5/

Adobe Reader on Gentoo has a critical security flaw allowing for arbitrary code execution. It's advisable to upgrade to safeguard against potential threats.

Adobe Reader, Gentoo Advisory, Code Execution, Denial of Service

LinuxSecurity.com Team

Sep 15, 2013 Gentoo

Gentoo: 201308-03 High: Adobe Reader Remote Code Execution Threat

Multiple vulnerabilities have been found in Adobe Reader, including potential remote execution of arbitrary code and local privilege escalation.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201308-03
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: High
Title: Adobe Reader: Multiple vulnerabilities
Date: August 22, 2013
Bugs: #431732, #451058, #469960
ID: 201308-03

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Multiple vulnerabilities have been found in Adobe Reader, including potential remote execution of arbitrary code and local privilege escalation.

Background
==========

Adobe Reader is a closed-source PDF reader.

Affected packages
=================

    -------------------------------------------------------------------
     Package              /     Vulnerable     /            Unaffected
    -------------------------------------------------------------------
  1  app-text/acroread            < 9.5.5                    >= 9.5.5

Description
===========

Multiple vulnerabilities have been discovered in Adobe Reader. Please review the CVE identifiers referenced below for details.

Impact
======

A remote attacker could entice a user to open a specially crafted PDF file, possibly resulting in arbitrary code execution or a Denial of Service condition. A local attacker could gain privileges via unspecified vectors.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All Adobe Reader users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot --verbose ">=app-text/acroread-9.5.5"

References
==========

[ 1 ] CVE-2012-1525 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1525
[ 2 ] CVE-2012-1530 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1530
[ 3 ] CVE-2012-2049 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2049
[ 4 ] CVE-2012-2050 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2050
[ 5 ] CVE-2012-2051 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2051
[ 6 ] CVE-2012-4147 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4147
[ 7 ] CVE-2012-4148 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4748
[ 8 ] CVE-2012-4149 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4149
[ 9 ] CVE-2012-4150 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4150
[ 10 ] CVE-2012-4151 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4151
[ 11 ] CVE-2012-4152 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4152
[ 12 ] CVE-2012-4153 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4153
[ 13 ] CVE-2012-4154 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4154
[ 14 ] CVE-2012-4155 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4155
[ 15 ] CVE-2012-4156 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4156
[ 16 ] CVE-2012-4157 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4157
[ 17 ] CVE-2012-4158 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4158
[ 18 ] CVE-2012-4159 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4159
[ 19 ] CVE-2012-4160 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4160
[ 20 ] CVE-2012-4363 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4363
[ 21 ] CVE-2013-0601 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0601
[ 22 ] CVE-2013-0602 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0602
[ 23 ] CVE-2013-0603 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0603
[ 24 ] CVE-2013-0604 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0604
[ 25 ] CVE-2013-0605 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0605
[ 26 ] CVE-2013-0606 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0606
[ 27 ] CVE-2013-0607 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0607
[ 28 ] CVE-2013-0608 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0608
[ 29 ] CVE-2013-0609 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0609
[ 30 ] CVE-2013-0610 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0610
[ 31 ] CVE-2013-0611 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0611
[ 32 ] CVE-2013-0612 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0612
[ 33 ] CVE-2013-0613 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0613
[ 34 ] CVE-2013-0614 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0614
[ 35 ] CVE-2013-0615 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0615
[ 36 ] CVE-2013-0616 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0616
[ 37 ] CVE-2013-0617 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0617
[ 38 ] CVE-2013-0618 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0618
[ 39 ] CVE-2013-0619 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0619
[ 40 ] CVE-2013-0620 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0620
[ 41 ] CVE-2013-0621 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0621
[ 42 ] CVE-2013-0622 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0622
[ 43 ] CVE-2013-0623 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0623
[ 44 ] CVE-2013-0624 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0624
[ 45 ] CVE-2013-0626 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0626
[ 46 ] CVE-2013-0627 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0627
[ 47 ] CVE-2013-0640 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0640
[ 48 ] CVE-2013-0641 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0641
[ 49 ] CVE-2013-2549 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2549
[ 50 ] CVE-2013-2550 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2550
[ 51 ] CVE-2013-2718 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2718
[ 52 ] CVE-2013-2719 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2719
[ 53 ] CVE-2013-2720 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2720
[ 54 ] CVE-2013-2721 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2721
[ 55 ] CVE-2013-2722 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2722
[ 56 ] CVE-2013-2723 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2723
[ 57 ] CVE-2013-2724 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2724
[ 58 ] CVE-2013-2725 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2725
[ 59 ] CVE-2013-2726 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2726
[ 60 ] CVE-2013-2727 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2727
[ 61 ] CVE-2013-2729 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2729
[ 62 ] CVE-2013-2730 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2730
[ 63 ] CVE-2013-2731 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2731
[ 64 ] CVE-2013-2732 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2732
[ 65 ] CVE-2013-2733 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2733
[ 66 ] CVE-2013-2734 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2734
[ 67 ] CVE-2013-2735 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2735
[ 68 ] CVE-2013-2736 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2736
[ 69 ] CVE-2013-2737 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2737
[ 70 ] CVE-2013-3337 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3337
[ 71 ] CVE-2013-3338 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3338
[ 72 ] CVE-2013-3339 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3339
[ 73 ] CVE-2013-3340 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3340
[ 74 ] CVE-2013-3341 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3341
[ 75 ] CVE-2013-3342 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3342

Availability
============

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

https://security.gentoo.org/glsa/201308-03

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to [email address hidden] or alternatively, you may file a bug at https://bugs.gentoo.org.

License
=======

Copyright 2013 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5/

Adobe Acrobat flaws could enable unauthorized code execution and enhanced local user permissions. Gentoo users need to take immediate action.

Adobe Reader Vulnerabilities, Remote Execution Threats, Privilege Escalation

LinuxSecurity.com Team

Aug 22, 2013 Gentoo

Gentoo: GLSA-201306-15 Moderate: Adobe Acrobat Various Vulnerabilities

Multiple vulnerabilities in Adobe Reader might allow remote attackers to execute arbitrary code or conduct various other attacks.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201206-14
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: Adobe Reader: Multiple vulnerabilities
Date: June 22, 2012
Bugs: #405949, #411499
ID: 201206-14

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Multiple vulnerabilities in Adobe Reader might allow remote attackers to execute arbitrary code or conduct various other attacks.

Background
==========

Adobe Reader is a closed-source PDF reader.

Affected packages
=================

    -------------------------------------------------------------------
     Package              /     Vulnerable     /            Unaffected
    -------------------------------------------------------------------
  1  app-text/acroread            < 9.5.1                    >= 9.5.1

Description
===========

Multiple vulnerabilities have been found in Adobe Reader, including an integer overflow in TrueType Font handling (CVE-2012-0774) and multiple unspecified errors which could cause memory corruption.

Impact
======

A remote attacker could entice a user to open a specially crafted PDF file, possibly resulting in execution of arbitrary code with the privileges of the process or a Denial of Service condition.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All Adobe Reader users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot --verbose ">=app-text/acroread-9.5.1"

References
==========

[ 1 ] CVE-2011-4370 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4370
[ 2 ] CVE-2011-4371 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4371
[ 3 ] CVE-2011-4372 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4372
[ 4 ] CVE-2011-4373 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4373
[ 5 ] CVE-2012-0774 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0774
[ 6 ] CVE-2012-0775 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0775
[ 7 ] CVE-2012-0776 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0776
[ 8 ] CVE-2012-0777 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0777

Availability
============

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

https://security.gentoo.org/glsa/201206-14

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to [email address hidden] or alternatively, you may file a bug at https://bugs.gentoo.org.

License
=======

Copyright 2012 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5/

Adobe Acrobat on Gentoo exhibits several security flaws that could potentially lead to remote code execution and denial of service incidents.

Adobe Reader Remote Code, Gentoo Security Advisory, Bugs in Adobe Reader, Denial of Service Attacks, Remote Execution Vulnerabilities

LinuxSecurity.com Team

Jun 22, 2012 Gentoo

Gentoo: 201101-08 Normal: Adobe Reader Remote Code Execution Risk

Multiple vulnerabilities in Adobe Reader might result in the execution of arbitrary code.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201101-08
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: Adobe Reader: Multiple vulnerabilities
Date: January 21, 2011
Bugs: #336508, #343091
ID: 201101-08

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Multiple vulnerabilities in Adobe Reader might result in the execution of arbitrary code.

Background
==========

Adobe Reader (formerly Adobe Acrobat Reader) is a closed-source PDF reader.

Affected packages
=================

    -------------------------------------------------------------------
     Package              /     Vulnerable     /            Unaffected
    -------------------------------------------------------------------
  1  app-text/acroread            < 9.4.1                    >= 9.4.1

Description
===========

Multiple vulnerabilities were discovered in Adobe Reader. For further information please consult the CVE entries and the Adobe Security Bulletins referenced below.

Impact
======

A remote attacker might entice a user to open a specially crafted PDF file, possibly resulting in the execution of arbitrary code with the privileges of the user running the application, or a Denial of Service.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All Adobe Reader users should upgrade to the latest stable version:

  # emerge --sync
  # emerge --ask --oneshot --verbose ">=app-text/acroread-9.4.1"

References
==========

[ 1 ] APSB10-21
[ 2 ] APSB10-28
[ 3 ] CVE-2010-2883 https://www.cve.org/CVERecord?id=CVE-2010-2883
[ 4 ] CVE-2010-2884 https://www.cve.org/CVERecord?id=CVE-2010-2884
[ 5 ] CVE-2010-2887 https://www.cve.org/CVERecord?id=CVE-2010-2887
[ 6 ] CVE-2010-2889 https://www.cve.org/CVERecord?id=CVE-2010-2889
[ 7 ] CVE-2010-2890 https://www.cve.org/CVERecord?id=CVE-2010-2890
[ 8 ] CVE-2010-3619 https://www.cve.org/CVERecord?id=CVE-2010-3619
[ 9 ] CVE-2010-3620 https://www.cve.org/CVERecord?id=CVE-2010-3620
[ 10 ] CVE-2010-3621 https://www.cve.org/CVERecord?id=CVE-2010-3621
[ 11 ] CVE-2010-3622 https://www.cve.org/CVERecord?id=CVE-2010-3622
[ 12 ] CVE-2010-3625 https://www.cve.org/CVERecord?id=CVE-2010-3625
[ 13 ] CVE-2010-3626 https://www.cve.org/CVERecord?id=CVE-2010-3626
[ 14 ] CVE-2010-3627 https://www.cve.org/CVERecord?id=CVE-2010-3627
[ 15 ] CVE-2010-3628 https://www.cve.org/CVERecord?id=CVE-2010-3628
[ 16 ] CVE-2010-3629 https://www.cve.org/CVERecord?id=CVE-2010-3629
[ 17 ] CVE-2010-3630 https://www.cve.org/CVERecord?id=CVE-2010-3630
[ 18 ] CVE-2010-3632 https://www.cve.org/CVERecord?id=CVE-2010-3632
[ 19 ] CVE-2010-3654 https://www.cve.org/CVERecord?id=CVE-2010-3654
[ 20 ] CVE-2010-3656 https://www.cve.org/CVERecord?id=CVE-2010-3656
[ 21 ] CVE-2010-3657 https://www.cve.org/CVERecord?id=CVE-2010-3657
[ 22 ] CVE-2010-3658 https://www.cve.org/CVERecord?id=CVE-2010-3658
[ 23 ] CVE-2010-4091 https://www.cve.org/CVERecord?id=CVE-2010-4091

Availability
============

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

https://security.gentoo.org/glsa/201101-08

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to [email address hidden] or alternatively, you may file a bug at https://bugs.gentoo.org.

License
=======

Copyright 2011 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5/

Various vulnerabilities in Adobe Acrobat may facilitate unauthorized code execution, posing security risks to Gentoo environments.

Adobe Reader Security, Gentoo GLSA, Software Issues, Arbitrary Code Execution

LinuxSecurity.com Team

Jan 21, 2011 Gentoo

Gentoo: GLSA-201009-05 Normal: Adobe Reader Code Execution Risk

Multiple vulnerabilities in Adobe Reader might result in the execution of arbitrary code or other attacks.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201009-05
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: Adobe Reader: Multiple vulnerabilities
Date: September 07, 2010
Bugs: #297385, #306429, #313343, #322857
ID: 201009-05

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Multiple vulnerabilities in Adobe Reader might result in the execution of arbitrary code or other attacks.

Background
==========

Adobe Reader (formerly Adobe Acrobat Reader) is a closed-source PDF reader.

Affected packages
=================

    -------------------------------------------------------------------
     Package              /     Vulnerable     /            Unaffected
    -------------------------------------------------------------------
  1  app-text/acroread            < 9.3.4                    >= 9.3.4

Description
===========

Multiple vulnerabilities were discovered in Adobe Reader. For further information please consult the CVE entries and the Adobe Security Bulletins referenced below.

Impact
======

A remote attacker might entice a user to open a specially crafted PDF file, possibly resulting in the execution of arbitrary code with the privileges of the user running the application, or bypass intended sandbox restrictions, make cross-domain requests, inject arbitrary web script or HTML, or cause a Denial of Service condition.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All Adobe Reader users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot --verbose ">=app-text/acroread-9.3.4"

References
==========

[ 1 ] APSA10-01
[ 2 ] APSB10-02
[ 3 ] APSB10-07
[ 4 ] APSB10-09
[ 5 ] APSB10-14
[ 6 ] APSB10-16
[ 7 ] CVE-2009-3953 https://www.cve.org/CVERecord?id=CVE-2009-3953
[ 8 ] CVE-2009-4324 https://www.cve.org/CVERecord?id=CVE-2009-4324
[ 9 ] CVE-2010-0186 https://www.cve.org/CVERecord?id=CVE-2010-0186
[ 10 ] CVE-2010-0188 https://www.cve.org/CVERecord?id=CVE-2010-0188
[ 11 ] CVE-2010-0190 https://www.cve.org/CVERecord?id=CVE-2010-0190
[ 12 ] CVE-2010-0191 https://www.cve.org/CVERecord?id=CVE-2010-0191
[ 13 ] CVE-2010-0192 https://www.cve.org/CVERecord?id=CVE-2010-0192
[ 14 ] CVE-2010-0193 https://www.cve.org/CVERecord?id=CVE-2010-0193
[ 15 ] CVE-2010-0194 https://www.cve.org/CVERecord?id=CVE-2010-0194
[ 16 ] CVE-2010-0195 https://www.cve.org/CVERecord?id=CVE-2010-0195
[ 17 ] CVE-2010-0196 https://www.cve.org/CVERecord?id=CVE-2010-0196
[ 18 ] CVE-2010-0197 https://www.cve.org/CVERecord?id=CVE-2010-0197
[ 19 ] CVE-2010-0198 https://www.cve.org/CVERecord?id=CVE-2010-0198
[ 20 ] CVE-2010-0199 https://www.cve.org/CVERecord?id=CVE-2010-0199
[ 21 ] CVE-2010-0201 https://www.cve.org/CVERecord?id=CVE-2010-0201
[ 22 ] CVE-2010-0202 https://www.cve.org/CVERecord?id=CVE-2010-0202
[ 23 ] CVE-2010-0203 https://www.cve.org/CVERecord?id=CVE-2010-0203
[ 24 ] CVE-2010-0204 https://www.cve.org/CVERecord?id=CVE-2010-0204
[ 25 ] CVE-2010-1241 https://www.cve.org/CVERecord?id=CVE-2010-1241
[ 26 ] CVE-2010-1285 https://www.cve.org/CVERecord?id=CVE-2010-1285
[ 27 ] CVE-2010-1295 https://www.cve.org/CVERecord?id=CVE-2010-1295
[ 28 ] CVE-2010-1297 https://www.cve.org/CVERecord?id=CVE-2010-1297
[ 29 ] CVE-2010-2168 https://www.cve.org/CVERecord?id=CVE-2010-2168
[ 30 ] CVE-2010-2201 https://www.cve.org/CVERecord?id=CVE-2010-2201
[ 31 ] CVE-2010-2202 https://www.cve.org/CVERecord?id=CVE-2010-2202
[ 32 ] CVE-2010-2203 https://www.cve.org/CVERecord?id=CVE-2010-2203
[ 33 ] CVE-2010-2204 https://www.cve.org/CVERecord?id=CVE-2010-2204
[ 34 ] CVE-2010-2205 https://www.cve.org/CVERecord?id=CVE-2010-2205
[ 35 ] CVE-2010-2206 https://www.cve.org/CVERecord?id=CVE-2010-2206
[ 36 ] CVE-2010-2207 https://www.cve.org/CVERecord?id=CVE-2010-2207
[ 37 ] CVE-2010-2208 https://www.cve.org/CVERecord?id=CVE-2010-2208
[ 38 ] CVE-2010-2209 https://www.cve.org/CVERecord?id=CVE-2010-2209
[ 39 ] CVE-2010-2210 https://www.cve.org/CVERecord?id=CVE-2010-2210
[ 40 ] CVE-2010-2211 https://www.cve.org/CVERecord?id=CVE-2010-2211
[ 41 ] CVE-2010-2212 https://www.cve.org/CVERecord?id=CVE-2010-2212

Availability
============

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

https://security.gentoo.org/glsa/201009-05

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to [email address hidden] or alternatively, you may file a bug at https://bugs.gentoo.org.

License
=======

Copyright 2010 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5/

Adobe Acrobat 9.3.4 and later addresses several security flaws that could lead to arbitrary code execution and may enable denial of service attacks.

Adobe Reader Security, Gentoo Advisory, Code Execution, Remote Threat, PDF Reader Exploits

LinuxSecurity.com Team

Sep 07, 2010 Gentoo

Gentoo GLSA-200908-04 Normal: Adobe Reader And Flash Remote Code Exec

Multiple vulnerabilities in Adobe Reader and Adobe Flash Player allow for attacks including the remote execution of arbitrary code.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200908-04
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: Adobe products: Multiple vulnerabilities
Date: August 07, 2009
Bugs: #278813, #278819
ID: 200908-04

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Multiple vulnerabilities in Adobe Reader and Adobe Flash Player allow for attacks including the remote execution of arbitrary code.

Background
==========

Adobe Flash Player is a closed-source playback software for Flash SWF files. Adobe Reader is a closed-source PDF reader that plays Flash content as well.

Affected packages
=================

    -------------------------------------------------------------------
     Package                 /    Vulnerable    /           Unaffected
    -------------------------------------------------------------------
  1  www-plugins/adobe-flash      < 10.0.32.18            >= 10.0.32.18
  2  app-text/acroread            < 9.1.3                      >= 9.1.3
    -------------------------------------------------------------------
     2 affected packages on all of their supported architectures.
    -------------------------------------------------------------------

Description
===========

Multiple vulnerabilities have been reported in Adobe Flash Player:

* lakehu of Tencent Security Center reported an unspecified memory corruption vulnerability (CVE-2009-1862).
* Mike Wroe reported an unspecified vulnerability, related to "privilege escalation" (CVE-2009-1863).
* An anonymous researcher through iDefense reported an unspecified heap-based buffer overflow (CVE-2009-1864).
* Chen Chen of Venustech reported an unspecified "null pointer vulnerability" (CVE-2009-1865).
* Chen Chen of Venustech reported an unspecified stack-based buffer overflow (CVE-2009-1866).
* Joran Benker reported that Adobe Flash Player facilitates "clickjacking" attacks (CVE-2009-1867).
* Jun Mao of iDefense reported a heap-based buffer overflow, related to URL parsing (CVE-2009-1868).
* Roee Hay of IBM Rational Application Security reported an unspecified integer overflow (CVE-2009-1869).
* Gareth Heyes and Microsoft Vulnerability Research reported that the sandbox in Adobe Flash Player allows for information disclosure, when "SWFs are saved to the hard drive" (CVE-2009-1870).

Impact
======

A remote attacker could entice a user to open a specially crafted PDF file or web site containing Adobe Flash (SWF) contents, possibly resulting in the execution of arbitrary code with the privileges of the user running the application, or a Denial of Service (application crash). Furthermore, a remote attacker could trick a user into clicking a button on a dialog by supplying a specially crafted SWF file and disclose sensitive information by exploiting a sandbox issue.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All Adobe Flash Player users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot -v ">=www-plugins/adobe-flash-10.0.32.18"

All Adobe Reader users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot --verbose ">=app-text/acroread-9.1.3"

References
==========

[ 1 ] CVE-2009-1862 https://www.cve.org/CVERecord?id=CVE-2009-1862
[ 2 ] CVE-2009-1863 https://www.cve.org/CVERecord?id=CVE-2009-1863
[ 3 ] CVE-2009-1864 https://www.cve.org/CVERecord?id=CVE-2009-1864
[ 4 ] CVE-2009-1865 https://www.cve.org/CVERecord?id=CVE-2009-1865
[ 5 ] CVE-2009-1866 https://www.cve.org/CVERecord?id=CVE-2009-1866
[ 6 ] CVE-2009-1867 https://www.cve.org/CVERecord?id=CVE-2009-1867
[ 7 ] CVE-2009-1868 https://www.cve.org/CVERecord?id=CVE-2009-1868
[ 8 ] CVE-2009-1869 https://www.cve.org/CVERecord?id=CVE-2009-1869
[ 9 ] CVE-2009-1870 https://www.cve.org/CVERecord?id=CVE-2009-1870

Availability
============

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

https://security.gentoo.org/glsa/200908-04

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to [email address hidden] or alternatively, you may file a bug at https://bugs.gentoo.org.

License
=======

Copyright 2009 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5/

Numerous security flaws in Adobe Acrobat and Flash Player enable unauthorized code execution, highlighting the need for updates to ensure protection.

Adobe Reader, Adobe Flash, security advisory, remote exploit, code execution

LinuxSecurity.com Team

Aug 07, 2009 Gentoo

Gentoo: GLSA-200901-09 Normal: Adobe Reader Arbitrary Code Execution

Adobe Reader is vulnerable to execution of arbitrary code.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory                           GLSA 200901-09
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                            https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

  Severity: Normal
     Title: Adobe Reader: User-assisted execution of arbitrary code
      Date: January 13, 2009
      Bugs: #225483
        ID: 200901-09

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Adobe Reader is vulnerable to execution of arbitrary code.

Background
==========

Adobe Reader (formerly Adobe Acrobat Reader) is a closed-source PDF reader.

Affected packages
=================

    -------------------------------------------------------------------
     Package            /     Vulnerable     /              Unaffected
    -------------------------------------------------------------------
  1  app-text/acroread        < 8.1.3                         >= 8.1.3

Description
===========

* An unspecified vulnerability can be triggered by a malformed PDF document, as demonstrated by 2008-HI2.pdf (CVE-2008-2549).

* Peter Vreugdenhil, Dyon Balding, Will Dormann, Damian Frizza, and Greg MacManus reported a stack-based buffer overflow in the util.printf JavaScript function that incorrectly handles the format string argument (CVE-2008-2992).

* Greg MacManus of iDefense Labs reported an array index error that can be leveraged for an out-of-bounds write, related to parsing of Type 1 fonts (CVE-2008-4812).

* Javier Vicente Vallejo and Peter Vreugdenhil, via Zero Day Initiative, reported multiple unspecified memory corruption vulnerabilities (CVE-2008-4813).

* Thomas Garnier of SkyRecon Systems reported an unspecified vulnerability in a JavaScript method, related to an "input validation issue" (CVE-2008-4814).

* Josh Bressers of Red Hat reported an untrusted search path vulnerability (CVE-2008-4815).

* Peter Vreugdenhil reported through iDefense that the Download Manager can trigger a heap corruption via calls to the AcroJS function (CVE-2008-4817).

Impact
======

A remote attacker could entice a user to open a specially crafted PDF document, and local attackers could entice a user to run acroread from an untrusted working directory. Both might result in the execution of arbitrary code with the privileges of the user running the application, or a Denial of Service.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All Adobe Reader users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=app-text/acroread-8.1.3"

References
==========

[ 1 ] CVE-2008-2549
      https://www.cve.org/CVERecord?id=CVE-2008-2549
[ 2 ] CVE-2008-2992
      https://www.cve.org/CVERecord?id=CVE-2008-2992
[ 3 ] CVE-2008-4812
      https://www.cve.org/CVERecord?id=CVE-2008-4812
[ 4 ] CVE-2008-4813
      https://www.cve.org/CVERecord?id=CVE-2008-4813
[ 5 ] CVE-2008-4814
      https://www.cve.org/CVERecord?id=CVE-2008-4814
[ 6 ] CVE-2008-4815
      https://www.cve.org/CVERecord?id=CVE-2008-4815
[ 7 ] CVE-2008-4817
      https://www.cve.org/CVERecord?id=CVE-2008-4817

Availability
============

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

  https://security.gentoo.org/glsa/200901-09

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to [email address obscured] or alternatively, you may file a bug at https://bugs.gentoo.org/.

License
=======

Copyright 2009 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5/

Update your Adobe Reader to safeguard against potential code execution linked to security flaws. The risk level is moderate, with exploits being publicly available.

Adobe Reader, Buffer Overflow, Gentoo Security, Arbitrary Code Execution, Software Fix

LinuxSecurity.com Team

Jan 13, 2009 Gentoo

Gentoo: GLSA-202311-27 Normal: Adobe Reader Buffer Overflow

Adobe Reader is vulnerable to a buffer overflow which could potentially lead to execution of arbitrary code.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory                           GLSA 200508-11
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                            https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

  Severity: Normal
     Title: Adobe Reader: Buffer Overflow
      Date: August 19, 2005
      Bugs: #102730
        ID: 200508-11

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Adobe Reader is vulnerable to a buffer overflow which could potentially lead to execution of arbitrary code.

Background
==========

Adobe Reader is a utility used to view PDF files.

Affected packages
=================

    -------------------------------------------------------------------
     Package            /     Vulnerable     /              Unaffected
    -------------------------------------------------------------------
  1  app-text/acroread        < 7.0.1.1                     >= 7.0.1.1

Description
===========

A buffer overflow has been reported within a core application plug-in, which is part of Adobe Reader.

Impact
======

An attacker may create a specially-crafted PDF file, enticing a user to open it. This could trigger a buffer overflow as the file is being loaded, resulting in the execution of arbitrary code.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All Adobe Reader users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=app-text/acroread-7.0.1.1"

References
==========

[ 1 ] CAN-2005-2470
      https://www.cve.org/CVERecord?id=CAN-2005-2470
[ 2 ] Adobe Document 321644

Availability
============

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

  https://security.gentoo.org/glsa/200508-11

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to [email address obscured] or alternatively, you may file a bug at https://bugs.gentoo.org/.

License
=======

Copyright 2005 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.0/

A significant buffer overflow vulnerability exists in Adobe Reader on Gentoo Linux, allowing remote attackers to execute arbitrary code with no known workaround.

Adobe Reader, Gentoo Security, Buffer Overflow Threat, Software Update, Execution Risk

LinuxSecurity.com Team

Aug 19, 2005 Gentoo