calculate/gentoo-full-overlay
4
1
Fork 0
Code Issues Pull requests Releases Wiki Activity
gentoo-full-overlay/metadata/glsa/glsa-200910-03.xml

91 lines
4.2 KiB
XML
Raw Blame History

<?xml version="1.0" encoding="utf-8"?>
<?xml-stylesheet href="/xsl/glsa.xsl" type="text/xsl"?>
<?xml-stylesheet href="/xsl/guide.xsl" type="text/xsl"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="200910-03">
<title>Adobe Reader: Multiple vulnerabilities</title>
<synopsis>
Multiple vulnerabilities in Adobe Reader might result in the execution of
arbitrary code, or other attacks.
</synopsis>
<product type="ebuild">acroread</product>
<announced>October 25, 2009</announced>
<revised>October 25, 2009: 01</revised>
<bug>289016</bug>
<access>remote</access>
<affected>
<package name="app-text/acroread" auto="yes" arch="*">
<unaffected range="ge">9.2</unaffected>
<vulnerable range="lt">9.2</vulnerable>
</package>
</affected>
<background>
<p>
Adobe Reader (formerly Adobe Acrobat Reader) is a closed-source PDF
reader.
</p>
</background>
<description>
<p>
Multiple vulnerabilities were discovered in Adobe Reader. For further
information please consult the CVE entries and the Adobe Security
Bulletin referenced below.
</p>
</description>
<impact type="normal">
<p>
A remote attacker might entice a user to open a specially crafted PDF
file, possibly resulting in the execution of arbitrary code with the
privileges of the user running the application, Denial of Service, the
creation of arbitrary files on the victim's system, "Trust Manager"
bypass, or social engineering attacks.
</p>
</impact>
<workaround>
<p>
There is no known workaround at this time.
</p>
</workaround>
<resolution>
<p>
All Adobe Reader users should upgrade to the latest version:
</p>
<code>
# emerge --sync
# emerge --ask --oneshot --verbose &quot;&gt;=app-text/acroread-9.2&quot;</code>
</resolution>
<references>
<uri link="http://www.adobe.com/support/security/bulletins/apsb09-15.html">APSB09-15</uri>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0045">CVE-2007-0045</uri>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0048">CVE-2007-0048</uri>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2979">CVE-2009-2979</uri>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2980">CVE-2009-2980</uri>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2981">CVE-2009-2981</uri>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2982">CVE-2009-2982</uri>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2983">CVE-2009-2983</uri>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2985">CVE-2009-2985</uri>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2986">CVE-2009-2986</uri>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2988">CVE-2009-2988</uri>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2990">CVE-2009-2990</uri>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2991">CVE-2009-2991</uri>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2993">CVE-2009-2993</uri>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2994">CVE-2009-2994</uri>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2996">CVE-2009-2996</uri>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2997">CVE-2009-2997</uri>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2998">CVE-2009-2998</uri>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3431">CVE-2009-3431</uri>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3458">CVE-2009-3458</uri>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3459">CVE-2009-3459</uri>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3462">CVE-2009-3462</uri>
</references>
<metadata tag="requester" timestamp="Sat, 24 Oct 2009 18:48:21 +0000">
keytoaster
</metadata>
<metadata tag="submitter" timestamp="Sat, 24 Oct 2009 23:09:06 +0000">
a3li
</metadata>
<metadata tag="bugReady" timestamp="Sat, 24 Oct 2009 23:09:17 +0000">
a3li
</metadata>
</glsa>
Reference in a new issue View git blame Copy permalink