Unsolved
This post is more than 5 years old
3 Apprentice
•
15.2K Posts
0
9717
UNpatched - Adobe Reader CoolType.dll Buffer Overflow Vulnerability
The following was copied/pasted from http://secunia.com/advisories/62685 (which, while still free, now requires the user to [register and] log-in).
Description
A [highly critical] vulnerability has been reported in Adobe Reader, which can be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to an error within CoolType.dll and can be exploited to cause a heap-based buffer overflow.
The vulnerability is reported in version 11.0.10 running on [Mac] OS X. Other versions may also be affected.
Solution:
No official solution is currently available. The vendor is planning to release a fix within the week of the 10th February, 2015.
Original Advisory:
https://code.google.com/p/google-security-research/issues/detail?id=144
===================
Remark: This Secunia advisory focuses on MAC OS X...
but the "original" advisory talks about the vulnerability for Reader XI (11.0.09) under Windows 7.