Start a Conversation

Unsolved

This post is more than 5 years old

3 Apprentice

 • 

15.1K Posts

9714

February 10th, 2015 03:00

UNpatched - Adobe Reader CoolType.dll Buffer Overflow Vulnerability

The following was copied/pasted from http://secunia.com/advisories/62685 (which, while still free, now requires the user to [register and] log-in).

Description

A [highly critical] vulnerability has been reported in Adobe Reader, which can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to an error within CoolType.dll and can be exploited to cause a heap-based buffer overflow.

The vulnerability is reported in version 11.0.10 running on [Mac] OS X. Other versions may also be affected.

Solution:
No official solution is currently available. The vendor is planning to release a fix within the week of the 10th February, 2015.

Original Advisory:
https://code.google.com/p/google-security-research/issues/detail?id=144 

===================

Remark:   This Secunia advisory focuses on MAC OS X...

but the "original" advisory talks about the vulnerability for Reader XI (11.0.09) under Windows 7.

No Responses!
No Events found!

Top