| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <201301290602.r0T62NKh012719@sf01web1.securityfocus.com> Date: Tue, 29 Jan 2013 06:02:23 GMT From: n1s0o@...il.com To: bugtraq@...urityfocus.com Subject: Adobe Reader XI versions are vulnerable to a heap overflow 1. OVERVIEW Adobe Reader XI versions are vulnerable to a heap overflow 2. BACKGROUND Adobe Reader software is the free trusted standard for reliably viewing, printing, and annotating PDF documents. It's the only PDF file viewer that can open and interact with all types of PDF content, including forms and multimedia. 3. VULNERABILITY DESCRIPTION A specially crafted PDF file may result in a heap overflow, corrupting the heap and potentially allowing code execution. The flaw is due to allocating predefined heap space for an object in the PDF format, which may be bigger than anticipated. 4. VERSIONS AFFECTED 11.x 5. SOLUTION The vendor is fixing this issue 6. CREDIT Nisso Kalim ~~~DEMO hackers~~~
Powered by blists - more mailing lists