-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Reference: CERT-EU Security Advisory 2014-048 Title: Security updates available for Adobe Reader and Acrobat Version history: 15.05.2014 Initial publication Summary ======= Adobe has released security updates for Adobe Reader and Acrobat XI (11.0.06) and earlier versions for Windows and Macintosh. These updates address vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system [1]. These updates address a critical vulnerabilities in the software. CVE Numbers reported: CVE-2014-0511 CVSS v2 Base Score: 10.0 (HIGH) (AV:N/AC:L/AU:N/C:C/I:C/A:C) [2] CVE-2014-0512 CVSS v2 Base Score: 10.0 (HIGH) (AV:N/AC:L/AU:N/C:C/I:C/A:C) CVE-2014-0521 CVSS v2 Base Score: 10.0 (HIGH) (AV:N/AC:L/AU:N/C:C/I:C/A:C) CVE-2014-0522 CVSS v2 Base Score: 10.0 (HIGH) (AV:N/AC:L/AU:N/C:C/I:C/A:C) CVE-2014-0523 CVSS v2 Base Score: 10.0 (HIGH) (AV:N/AC:L/AU:N/C:C/I:C/A:C) CVE-2014-0524 CVSS v2 Base Score: 10.0 (HIGH) (AV:N/AC:L/AU:N/C:C/I:C/A:C) CVE-2014-0525 CVSS v2 Base Score: 10.0 (HIGH) (AV:N/AC:L/AU:N/C:C/I:C/A:C) CVE-2014-0526 CVSS v2 Base Score: 10.0 (HIGH) (AV:N/AC:L/AU:N/C:C/I:C/A:C) CVE-2014-0527 CVSS v2 Base Score: 10.0 (HIGH) (AV:N/AC:L/AU:N/C:C/I:C/A:C) CVE-2014-0528 CVSS v2 Base Score: 10.0 (HIGH) (AV:N/AC:L/AU:N/C:C/I:C/A:C) CVE-2014-0529 CVSS v2 Base Score: 10.0 (HIGH) (AV:N/AC:L/AU:N/C:C/I:C/A:C) Vulnerable systems ================== Adobe Reader XI (11.0.06) and earlier 11.x versions for Windows and Macintosh Adobe Reader X (10.1.9) and earlier 10.x versions for Windows and Macintosh Adobe Acrobat XI (11.0.06) and earlier 11.x versions for Windows and Macintosh Adobe Acrobat X (10.1.9) and earlier 10.x versions for Windows and Macintosh What can you do? ================ Adobe recommends users update their product installations to the latest versions: Users of Adobe Reader XI (11.0.06) for Windows and Macintosh should update to Adobe Reader XI (11.0.07). For users of Adobe Reader X (10.1.9) and earlier versions for Windows and Macintosh, who cannot update to Adobe Reader XI (11.0.07), Adobe has made available the update Adobe Reader X (10.1.10). Users of Adobe Acrobat XI (11.0.06) for Windows and Macintosh should update to Adobe Acrobat XI (11.0.07). For users of Adobe Acrobat X (10.1.9) and earlier versions for Windows and Macintosh, who cannot update to Adobe Acrobat XI (11.0.07), Adobe has made available the update Adobe Acrobat X (10.1.10). Please follow the update instructions in the original advisory [1] More information ================ [1] http://helpx.adobe.com/security/products/flash-player/apsb14-15.html [2] http://nvd.nist.gov/cvss.cfm?vectorinfo&version=2 Best regards, CERT-EU Team (http://cert.europa.eu) Phone: +32.2.2990005 / e-mail: cert-eu@ec.europa.eu PGP KeyID 0x46AC4383 FP: 9011 6BE9 D642 DD93 8348 DAFA 27A4 06CA 46AC 4383 Privacy Statement: http://cert.europa.eu/cert/plainedition/en/cert_privacy.html -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQIcBAEBAgAGBQJTdOJ/AAoJEPpzpNLI8SVoKosP/0kntOBKU07BSzIl3L6J6FbI +hGPIvBP4YFcJtG6Zkdg3kgI9fxfTcu/3kySFs4tWbLzNSVkroJRiOLkRRO0JmTV BXAgK20Y5XtyxYx3l326FFrahZli+D8tf4blLDOhLzrCSjt8cCAywNabMvTsTis6 U0Fya/XmQuqa/t9+f5yoJpytyR+QePi/zIM4PLjDOIs6S921GfqjguIfWdxr3c00 OiBMimrb2MI1E9qoUq6vyzv7G9p6ebNvfdYCZeiX6XSAXjzA8e92SvqT8gUuwXoq 2N65l/bJrIrWwcMDA3fSDj+PpWjDe8tPTMpYhPe5hOUi9ZW1RqQVnRHdpznLRI7c blHUYIxnS3Ob2MtfBMKEsmRTvEoylkBUd1ePbv+g6Hy3CWe+TjdKioXeyy9HShek WpDkJU/OHdhyJBlbJOWxvTMrByR780vi7HMU9Pem+e6aJ7UAZTvzjmDc9fZbNVHH h7VM05lY6y9wSQ2M+1QlD8KUfSCXIczNCKAo0t/XEbJFLl9VCHfYIp/+rKzL41az EL3grd9YZXk9avUNfA9FEVt84K41UIq7a+wGDAHrwRFUc9akNZGVRY06ai7o4Wbg 8Frc0SKJjaUvIJkUvKDHgxKHAV+2dMh7ZM0nQE6zKbrzACRZLTS/23ZPIZ26BN3g tRzkqNHnZV4m4subw6Q2 =PBwB -----END PGP SIGNATURE-----