Adobe Acrobat < 9.3 / 8.2 Multiple Vulnerabilities (APSB10-02)
High Nessus Plugin ID 43875
SynopsisThe version of Adobe Acrobat on the remote Windows host is affected by multiple vulnerabilities.
DescriptionThe version of Adobe Acrobat installed on the remote host is earlier than 9.3 / 8.2. Such versions are reportedly affected by multiple vulnerabilities :
- A use-after-free vulnerability in 'Multimedia.api' can lead to code execution. (CVE-2009-4324)
- An array boundary issue in 'U3D' support can lead to code execution. (CVE-2009-3953)
- A DLL-loading vulnerability in '3D' can allow arbitrary code execution. (CVE-2009-3954)
- A memory corruption vulnerability can lead to code execution. (CVE-2009-3955)
- A script injection vulnerability. (CVE-2009-3956)
- A NULL pointer dereference vulnerability can lead to a denial of service. (CVE-2009-3957)
- A buffer overflow vulnerability in the Download Manager can lead to code execution. (CVE-2009-3958)
- An integer overflow vulnerability in 'U3D' support can lead to code execution. (CVE-2009-3959)
- A buffer overflow in the 'gp.ocx' ActiveX control can lead to code execution. (CVE-2010-1278)
SolutionUpgrade to Adobe Acrobat 9.3 / 8.2 or later.