|
|
|||
| Rule General Information |
|---|
| Release Date: | 2021-01-05 | |
| Rule Name: | Adobe Acrobat and Reader U3D Uninitialized Variable Vulnerability -1 (CVE-2011-2462) | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | An unitialized variable dereference vulnerability has been identified in Adobe Reader and Adobe Acrobat. The vulnerability is due to a flaw in the code that handles U3D files embedded in PDF files. A remote attacker could exploit this vulnerability by enticing a user to open a crafted PDF file. In case of a successful attack arbitrary attacker code will be executed on the target user machine in the security context of the logged on user. If the attack fails, the affected application may terminate abnormally. | |
| Impact: | An attacker can execute arbitrary code via a successful exploit in the context of the vulnerable software. | |
| Affected OS: | Windows, Linux | |
| Reference: | http://www.adobe.com/support/security/advisories/apsa11-04.html AdobeSecurityBulletins:apsb12-01 http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00019.html http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00020.html |
|
| Solutions |
|---|
| Adobe has issued a fix on the official website. For more advisory, please visit: http://www.adobe.com/support/security/bulletins/apsb11-30.html |