Adobe Reader: Multiple vulnerabilities
Multiple vulnerabilities in Adobe Reader might result in the execution of
arbitrary code or other attacks.
acroread
September 07, 2010
September 07, 2010: 01
297385
306429
313343
322857
remote
9.3.4
9.3.4
Adobe Reader (formerly Adobe Acrobat Reader) is a closed-source PDF
reader.
Multiple vulnerabilities were discovered in Adobe Reader. For further
information please consult the CVE entries and the Adobe Security
Bulletins referenced below.
A remote attacker might entice a user to open a specially crafted PDF
file, possibly resulting in the execution of arbitrary code with the
privileges of the user running the application, or bypass intended
sandbox restrictions, make cross-domain requests, inject arbitrary web
script or HTML, or cause a Denial of Service condition.
There is no known workaround at this time.
All Adobe Reader users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=app-text/acroread-9.3.4"
APSA10-01
APSB10-02
APSB10-07
APSB10-09
APSB10-14
APSB10-16
CVE-2009-3953
CVE-2009-4324
CVE-2010-0186
CVE-2010-0188
CVE-2010-0190
CVE-2010-0191
CVE-2010-0192
CVE-2010-0193
CVE-2010-0194
CVE-2010-0195
CVE-2010-0196
CVE-2010-0197
CVE-2010-0198
CVE-2010-0199
CVE-2010-0201
CVE-2010-0202
CVE-2010-0203
CVE-2010-0204
CVE-2010-1241
CVE-2010-1285
CVE-2010-1295
CVE-2010-1297
CVE-2010-2168
CVE-2010-2201
CVE-2010-2202
CVE-2010-2203
CVE-2010-2204
CVE-2010-2205
CVE-2010-2206
CVE-2010-2207
CVE-2010-2208
CVE-2010-2209
CVE-2010-2210
CVE-2010-2211
CVE-2010-2212
a3li
craig
p-y