Adobe Updates Acrobat, Reader and Cold Fusion
Tuesday, February 8, 2011 at 05:11PM
Sean OConnell Public in Acrobat, Adobe, Condition:GREEN, Reader, Updates
Adobe has released an update of Acrobat and Acrobat Reader to address critical vulnerabilities and fix various bugs.
- These updates resolve an input validation vulnerability that could lead to code execution (CVE-2010-4091).
- These updates resolve a library-loading vulnerability that could lead to code execution (CVE-2011-0562).
- These updates resolve a memory corruption vulnerability that could lead to code execution (CVE-2011-0563).
- These updates resolve a Windows-only file permissions issue that could lead to privilege escalation (CVE-2011-0564).
- These updates resolve a denial of service vulnerability; arbitrary code execution has not been demonstrated, but may be possible (CVE-2011-0565).
- These updates resolve an image-parsing memory corruption vulnerability that could lead to code execution (CVE-2011-0566).
- These updates resolve an image-parsing memory corruption vulnerability that could lead to code execution (CVE-2011-0567).
- These updates resolve a denial of service vulnerability; arbitrary code execution has not been demonstrated, but may be possible (Macintosh only) (CVE-2011-0568).
- These updates resolve a library-loading vulnerability that could lead to code execution (CVE-2011-0570).
- These updates resolve a denial of service vulnerability; arbitrary code execution has not been demonstrated, but may be possible (CVE-2011-0585).
- These updates resolve an input validation vulnerability that could lead to code execution (CVE-2011-0586).
- These updates resolve an input validation vulnerability that could lead to a cross-site scripting vulnerability (CVE-2011-0587).
- These updates resolve a library-loading vulnerability that could lead to code execution (CVE-2011-0588).
- These updates resolve a memory corruption vulnerability that could lead to code execution (CVE-2011-0589).
- These updates resolve a 3D file parsing input validation vulnerability that could lead to code execution (CVE-2011-0590).
- These updates resolve a 3D file parsing input validation vulnerability that could lead to code execution (CVE-2011-0591).
- These updates resolve a 3D file parsing input validation vulnerability that could lead to code execution (CVE-2011-0592).
- These updates resolve a 3D file parsing input validation vulnerability that could lead to code execution (CVE-2011-0593).
- These updates resolve a font parsing input validation vulnerability that could lead to code execution (CVE-2011-0594).
- These updates resolve a 3D file parsing input validation vulnerability that could lead to code execution (CVE-2011-0595).
- These updates resolve a image parsing input validation vulnerability that could lead to code execution (CVE-2011-0596).
- These updates resolve an image parsing input validation vulnerability that could lead to code execution (CVE-2011-0598).
- These updates resolve an image parsing input validation vulnerability that could lead to code execution (CVE-2011-0599).
- These updates resolve a 3D file parsing input validation vulnerability that could lead to code execution (CVE-2011-0600).
- These updates resolve an image parsing input validation vulnerability that could lead to code execution (CVE-2011-0602).
- These updates resolve an image-parsing memory corruption vulnerability that could lead to code execution (CVE-2011-0603).
- These updates resolve an input validation vulnerability that could lead to cross-site scripting (CVE-2011-0604).
- These updates resolve a memory corruption vulnerability that could lead to code execution (Macintosh only) (CVE-2011-0605).
- These updates resolve a memory corruption vulnerability that could lead to code execution (CVE-2011-0606).
- 2742895 Crash after copying text from a comment and scrolling to the next page when data already exists on the clipboard.
ColdFusion 8.0, 8.0.1, 9.0, and 9.0.1 for Windows, Macintosh and UNIX has also been released. This is a Hot Fix, users should read the tech note in references for more information.
Article originally appeared on magmatic.com (http://www.magmatic.com/).
See website for complete article licensing information.