CVE-2011-2441

high
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

Multiple stack-based buffer overflows in CoolType.dll in Adobe Reader and Acrobat 8.x before 8.3.1, 9.x before 9.4.6, and 10.x before 10.1.1 allow attackers to execute arbitrary code via unspecified vectors.

References

http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00012.html

http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00013.html

http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00025.html

http://www.adobe.com/support/security/bulletins/apsb11-24.html

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14044

Details

Source: MITRE

Published: 2011-09-15

Updated: 2017-09-19

Type: CWE-119

Risk Information

CVSS v2

Base Score: 9.3

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 8.6

Severity: HIGH

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:adobe:acrobat_reader:8.0:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat_reader:8.1:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat_reader:8.1.1:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat_reader:8.1.2:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat_reader:8.1.3:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat_reader:8.1.4:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat_reader:8.1.5:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat_reader:8.1.6:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat_reader:8.1.7:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat_reader:8.2:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat_reader:8.2.1:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat_reader:8.2.2:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat_reader:8.2.3:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat_reader:8.2.4:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat_reader:8.2.6:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat_reader:8.3:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat_reader:9.0:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat_reader:9.1:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat_reader:9.1.1:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat_reader:9.1.2:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat_reader:9.1.3:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat_reader:9.2:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat_reader:9.3:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat_reader:9.3.1:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat_reader:9.3.2:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat_reader:9.3.3:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat_reader:9.3.4:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat_reader:9.4:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat_reader:9.4.1:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat_reader:9.4.2:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat_reader:9.4.3:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat_reader:9.4.4:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat_reader:10.0:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat_reader:10.0.1:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat_reader:10.0.2:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat_reader:10.0.3:*:*:*:*:*:*:*

Configuration 2

OR

cpe:2.3:a:adobe:acrobat:8.0:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat:8.1:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat:8.1.1:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat:8.1.2:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat:8.1.3:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat:8.1.4:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat:8.1.5:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat:8.1.6:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat:8.1.7:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat:8.2:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat:8.2.1:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat:8.2.2:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat:8.2.3:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat:8.2.4:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat:8.2.5:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat:8.2.6:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat:9.0:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat:9.1:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat:9.1.1:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat:9.1.2:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat:9.1.3:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat:9.2:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat:9.3:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat:9.3.1:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat:9.3.2:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat:9.3.3:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat:9.3.4:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat:9.4:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat:9.4.1:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat:9.4.2:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat:9.4.3:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat:9.4.4:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat:9.4.5:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat:10.0:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat:10.0.1:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat:10.0.2:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat:10.0.3:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat:10.1:*:*:*:*:*:*:*

Tenable Plugins

View all (10 total)

IDNameProductFamilySeverity
75783openSUSE Security Update : acroread (openSUSE-SU-2011:1238-1)NessusSuSE Local Security Checks
high
75422openSUSE Security Update : acroread (openSUSE-SU-2011:1238-1)NessusSuSE Local Security Checks
high
74527openSUSE Security Update : acroread (openSUSE-2011-54)NessusSuSE Local Security Checks
high
57745GLSA-201201-19 : Adobe Reader: Multiple vulnerabilitiesNessusGentoo Local Security Checks
critical
57705FreeBSD : acroread9 -- Multiple Vulnerabilities (fa2f386f-4814-11e1-89b4-001ec9578670)NessusFreeBSD Local Security Checks
critical
57154SuSE 10 Security Update : Acrobat Reader (ZYPP Patch Number 7833)NessusSuSE Local Security Checks
high
57087SuSE 11.1 Security Update : Acrobat Reader (SAT Patch Number 5412)NessusSuSE Local Security Checks
high
56199Adobe Reader < 10.1.1 / 9.4.6 / 8.3.1 Multiple Vulnerabilities (APSB11-21, APSB11-24, APSB11-26) (Mac OS X)NessusMacOS X Local Security Checks
high
56198Adobe Reader < 10.1.1 / 9.4.6 / 8.3.1 Multiple Vulnerabilities (APSB11-21, APSB11-24)NessusWindows
high
56197Adobe Acrobat < 10.1.1 / 9.4.6 / 8.3.1 Multiple Vulnerabilities (APSB11-21, APSB11-24)NessusWindows
high