Virus & Spyware

Last reply by 02-10-2015 Unsolved
Start a Discussion
7 Plutonium
9693

UNpatched - Adobe Reader CoolType.dll Buffer Overflow Vulnerability

The following was copied/pasted from http://secunia.com/advisories/62685 (which, while still free, now requires the user to [register and] log-in).

Description

A [highly critical] vulnerability has been reported in Adobe Reader, which can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to an error within CoolType.dll and can be exploited to cause a heap-based buffer overflow.

The vulnerability is reported in version 11.0.10 running on [Mac] OS X. Other versions may also be affected.

Solution:
No official solution is currently available. The vendor is planning to release a fix within the week of the 10th February, 2015.

Original Advisory:
https://code.google.com/p/google-security-research/issues/detail?id=144 

===================

Remark:   This Secunia advisory focuses on MAC OS X...

but the "original" advisory talks about the vulnerability for Reader XI (11.0.09) under Windows 7.

Free Internet Security - WOT Web of Trust       Use OpenDNS       MalwareBytes Anti-Malware


Windows 10 Pro (64-bit), Windows Defender, MBAM4 Pro, Windows Firewall, OpenDNS Family Shield, SpywareBlaster, MVPS HOSTS file, WinPatrol PLUS, SAS (on-demand scanner), uBlock Origin, Microsoft EDGE, Firefox, Pale Moon.


[I believe computer-users who sandbox (Sandboxie) are acting prudently.]

Replies (0)
Latest Solutions
Top Contributor