-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Reference: CERT-EU Security Advisory 2011-0014
Title: Adobe Acrobat and Reader - Multiple Vulnerabilities
Version history: 15.11.2011 Initial publication

Summary
=======

Critical vulnerabilities have been identified in Adobe Acrobat and Reader [1]:
CVE-2011-2442 (Candidate), CVE-2011-2431 (Candidate), CVE-2011-2440 (Candidate),
CVE-2011-1353 (Candidate), CVE-2011-2436 (Candidate), CVE-2011-2441 (Candidate),
CVE-2011-2438 (Candidate), CVE-2011-2439 (Candidate), CVE-2011-2435 (Candidate),
CVE-2011-2434 (Candidate), CVE-2011-2437 (Candidate), CVE-2011-2433 (Candidate),
CVE-2011-2432 (Candidate).

SUSE security advisory SUSE-SU-2011:1238-1 is available [2].

Severity Level: CVSS2 Base 6.8/10 [4]
Remote: Yes
Local: No
Credibility: Vendor Confirmed
Ease: No Exploit Available
Authentication: Not Required

This issue is fixed in:
Adobe Acrobat 10.1.1 (for Windows, Macintosh)
Adobe Reader 10.1.1 (for Windows, Macintosh)

Potential impact
================

Successful exploits will allow attackers to compromise the affected application and possibly the underlying computer.

1. An attacker creates a malicious PDF file that leverages one of these issues to perform some action on the attacker's behalf.
2. The attacker distributes the file and entices a victim into opening it with an affected application.
3. When the file is opened, the issue is triggered and the attacker-supplied code is executed.
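As an added practitioner check that is not part of the CERT-EU advisory: a small Python script that classifies an installed Acrobat/Reader version string against the affected ranges listed under Vulnerable Systems below (10.1, 9.4.5 and 8.3 and earlier on each branch) and the fixed 10.1.1 build named above. The sample inventory, the function names and the constant names are assumptions made for this illustration; collecting the installed version from each host is left to the operator.

```python
"""Added illustration for CERT-EU advisory 2011-0014; not part of the advisory.

Classifies an Adobe Acrobat/Reader version string against the affected
ranges the advisory lists (10.1, 9.4.5 and 8.3 and earlier on each branch)
and the 10.1.1 fixed build it names. Version strings below are constructed
examples; function and constant names are assumptions for this example."""
from typing import Tuple

Version = Tuple[int, int, int]

# Highest affected build on each branch, from the "Vulnerable Systems" section.
AFFECTED_MAX = {
    10: (10, 1, 0),  # Acrobat/Reader 10.1 and earlier
    9: (9, 4, 5),    # Acrobat/Reader 9.4.5 and earlier
    8: (8, 3, 0),    # Acrobat/Reader 8.3 and earlier
}
# Fixed build the advisory names for the 10.x branch (Windows, Macintosh).
FIXED_10: Version = (10, 1, 1)


def parse_version(text: str) -> Version:
    """Turn '10.1', '9.4.5' or '10.1.1.33' into a (major, minor, patch) triple.

    Missing components are treated as 0 so '10.1' compares equal to 10.1.0;
    a fourth (build) component is ignored, which matches how the advisory
    states its ranges. Raises ValueError on anything non-numeric."""
    parts = text.strip().split(".")
    nums = []
    for part in parts[:3]:
        if not part.isdigit():
            raise ValueError(f"non-numeric version component in {text!r}")
        nums.append(int(part))
    while len(nums) < 3:
        nums.append(0)
    return nums[0], nums[1], nums[2]


def assess(text: str) -> str:
    """Return 'affected: ...', 'not affected' or 'not listed in advisory'."""
    version = parse_version(text)
    branch = version[0]
    if branch not in AFFECTED_MAX:
        # The advisory only enumerates the 8.x, 9.x and 10.x branches.
        return "not listed in advisory"
    if version > AFFECTED_MAX[branch]:
        return "not affected"
    if branch == 10:
        fixed = ".".join(str(n) for n in FIXED_10)
        return f"affected: update to {fixed} or later"
    # 8.x and 9.x are affected, but this advisory names no fixed build for
    # them, so point the operator at the vendor bulletin [1] instead.
    return "affected: apply the vendor update for this branch, see [1]"


if __name__ == "__main__":
    # Constructed sample inventory: (host, version string reported by the host)
    inventory = [("ws-01", "10.1"), ("ws-02", "10.1.1"), ("ws-03", "9.4.5"),
                 ("ws-04", "9.4.6"), ("ws-05", "8.2.6"), ("ws-06", "7.0.9")]
    for host, ver in inventory:
        print(f"{host:6} {ver:8} {assess(ver)}")
```

The comparison works on the first three numeric components only, because that is the granularity at which the advisory states its ranges; a build suffix such as 10.1.1.33 is therefore treated as 10.1.1. Hosts on branches the advisory does not enumerate are reported as such rather than silently marked safe.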
Vulnerable Systems
==================

Adobe Acrobat 10.1 and earlier for Windows and Macintosh
Acrobat Reader 10.1 and earlier for Windows and Macintosh
Adobe Acrobat 9.4.5 and earlier for Windows and Macintosh
Acrobat Reader 9.4.5 and earlier for Windows and Macintosh
Adobe Acrobat 8.3 and earlier for Windows and Macintosh
Acrobat Reader 8.3 and earlier for Windows and Macintosh
Red Hat Desktop Extras 4
Red Hat Enterprise Linux AS Extras 4
Red Hat Enterprise Linux Desktop Supplementary 5 client
Red Hat Enterprise Linux Desktop Supplementary 6
Red Hat Enterprise Linux ES Extras 4
Red Hat Enterprise Linux Extras 4
Red Hat Enterprise Linux Server Supplementary 6
Red Hat Enterprise Linux Supplementary 5 server
Red Hat Enterprise Linux Workstation Supplementary 6
Red Hat Enterprise Linux WS Extras 4
SuSE openSUSE 11.3
SuSE openSUSE 11.4

What can you do?
================

Solutions: Updates are available [3].

Mitigating Strategies
=====================

Run all software as a nonprivileged user with minimal access rights. To reduce the impact of latent vulnerabilities, run the application with the minimal amount of privileges required for functionality.

Deploy network intrusion detection systems to monitor network traffic for malicious activity. Deploy NIDS to monitor network traffic for signs of anomalous or suspicious activity, including unexplained incoming and outgoing traffic. This may indicate exploit attempts or activity that results from successful exploits.

Do not accept or execute files from untrusted or unknown sources. To limit exposure to these and other latent vulnerabilities, never handle files that originate from unfamiliar or untrusted sources.

Implement multiple redundant layers of security. As an added precaution, deploy memory-protection schemes (such as nonexecutable stack/heap configuration and randomly mapped memory segments). These may complicate exploitation of memory-corruption vulnerabilities.

What to tell your users?
========================

Standard security best practices apply:

Do not accept or execute files from untrusted or unknown sources. To reduce the likelihood of successful exploits, never handle files that originate from unfamiliar or untrusted sources.

Do not follow links provided by unknown or untrusted sources. To reduce the likelihood of attacks, never visit sites of questionable integrity or follow links provided by unfamiliar or untrusted sources.

More information
================

[1] http://www.adobe.com/support/security/bulletins/apsb11-24.html
[2] http://support.novell.com/security/cve/CVE-2011-1353.html
[3] http://www.adobe.com/support/downloads/product.jsp?product=10&platform=Windows
[4] CVSS details:
    CVSS Version 2 Scores
    CVSS2 Base 6.8
    CVSS2 Temporal 5.0
    CVSS2 Base Vector AV:N/AC:M/Au:N/C:P/I:P/A:P
    CVSS2 Temporal Vector E:U/RL:OF/RC:C
    More information about CVSS is available at: http://www.first.org/cvss/cvss-guide.html

Best regards,
CERT-EU Pre-configuration Team (http://cert.europa.eu)
Phone: +32.2.2990005 / e-mail: cert-eu@ec.europa.eu
PGP KeyID 0x46AC4383 FP: 9011 6BE9 D642 DD93 8348 DAFA 27A4 06CA 46AC 4383

-----BEGIN PGP SIGNATURE-----
Version: BCPG v1.39

iQJXBAEBAgBBBQJOwkZ5OhxDRVJUIGZvciB0aGUgRXVyb3BlYW4gSW5zdGl0dXRp
b25zIDxjZXJ0LWV1QGVjLmV1cm9wYS5ldT4ACgkQJ6QGykasQ4Nj/A/9Ft2EeOmq
Ays4pW1grpyerqqj84qyoM98LghrWL867HkFZsQOBmOOKEZ0d1mUMbJNKGUVYeRC
xb5y440npOiWzbkmguE4AjdwNeGJFNj2GMy5EcDBsN6SaFdiP/qbUjPSI5y54ReZ
3hmyNd910seakDvsbQhmTMQgHb2yuaZjYOKsxxcBkpQbc68XI+wec7Y8KhKurEvx
zjHPxPlrZXADf0I57BqgSsAr2xzmy0vkEJ4GwFmoNUvVtrqTcxyrUHiQGYkuPGah
N2fWvhZ6ZLmHLmdsNWkrOkI0nBFHPhHSNYtBiN6+uXYfV1g3TmLL7wKKOG3c/zBa
0lMiS7ZRE0TQqHYea8pWm3TUzhzZ+Wye2a0UlHTE9WcUgM0ZK/6kuFjL3Sq6iQlZ
IrnEfIu7v3L5SafTT1+fBniF3hg9SWK1pKw2IWtxbYSAim/kvZyJsuAzIZ6byRYj
JQIt0mUm3w5/F14cjpOSZeXVksu2dGFmH+1aFeyWI58WtlWjeKoqR/oEk2+9HKhP
x5Av0uJp9HNTC/hmYVCTOCnyHEbFT9ef3aXDEojo0zJnwoo0vLe1K4j97vgpYcqL
b7jMjqXLSClAMhHVVPAZvvY5UlPgsG9CtfLmW1765ZaH/DdQM198hVkxnDU/5N9v
KvDliw5gWjGloPuk7Xq+JQDV+oKyE7qR+MM=
=BHsn
-----END PGP SIGNATURE-----