Adobe Reader: Multiple vulnerabilities

1.  Gentoo Linux Security Advisory

Version Information

Related bugreports: #354211, #382969, #393481

Synopsis

Multiple vulnerabilities in Adobe Reader might allow remote attackers to execute arbitrary code or conduct various other attacks.

2.  Impact Information

Background

Adobe Reader is a closed-source PDF reader.

Description

Multiple vulnerabilities have been discovered in Adobe Reader. Please review the CVE identifiers referenced below for details.

Impact

A remote attacker could entice a user to open a specially crafted PDF file using Adobe Reader, possibly resulting in the remote execution of arbitrary code, a Denial of Service, or other impact.

3.  Resolution Information

Workaround

There is no known workaround at this time.

Resolution

All Adobe Reader users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot --verbose ">=app-text/acroread-9.4.7"

4.  References

• CVE-2010-4091
• CVE-2011-0562
• CVE-2011-0563
• CVE-2011-0565
• CVE-2011-0566
• CVE-2011-0567
• CVE-2011-0570
• CVE-2011-0585
• CVE-2011-0586
• CVE-2011-0587
• CVE-2011-0588
• CVE-2011-0589
• CVE-2011-0590
• CVE-2011-0591
• CVE-2011-0592
• CVE-2011-0593
• CVE-2011-0594
• CVE-2011-0595
• CVE-2011-0596
• CVE-2011-0598
• CVE-2011-0599
• CVE-2011-0600
• CVE-2011-0602
• CVE-2011-0603
• CVE-2011-0604
• CVE-2011-0605
• CVE-2011-0606
• CVE-2011-2130
• CVE-2011-2134
• CVE-2011-2135
• CVE-2011-2136
• CVE-2011-2137
• CVE-2011-2138
• CVE-2011-2139
• CVE-2011-2140
• CVE-2011-2414
• CVE-2011-2415
• CVE-2011-2416
• CVE-2011-2417
• CVE-2011-2424
• CVE-2011-2425
• CVE-2011-2431
• CVE-2011-2432
• CVE-2011-2433
• CVE-2011-2434
• CVE-2011-2435
• CVE-2011-2436
• CVE-2011-2437
• CVE-2011-2438
• CVE-2011-2439
• CVE-2011-2440
• CVE-2011-2441
• CVE-2011-2442
• CVE-2011-2462
• CVE-2011-4369