CVE-2011-0599

Related Files

Gentoo Linux Security Advisory 201201-19

Posted Jan 31, 2012

Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201201-19 - Multiple vulnerabilities in Adobe Reader might allow remote attackers to execute arbitrary code or conduct various other attacks. Versions less than 9.4.7 are affected.

tags | advisory, remote, arbitrary, vulnerability

systems | linux, gentoo

advisories | CVE-2010-4091, CVE-2011-0562, CVE-2011-0563, CVE-2011-0565, CVE-2011-0566, CVE-2011-0567, CVE-2011-0570, CVE-2011-0585, CVE-2011-0586, CVE-2011-0587, CVE-2011-0588, CVE-2011-0589, CVE-2011-0590, CVE-2011-0591, CVE-2011-0592, CVE-2011-0593, CVE-2011-0594, CVE-2011-0595, CVE-2011-0596, CVE-2011-0598, CVE-2011-0599, CVE-2011-0600, CVE-2011-0602, CVE-2011-0603, CVE-2011-0604, CVE-2011-0605, CVE-2011-0606, CVE-2011-2130

SHA-256 | baad128edffc63cf96f6415bcd8ed20845d4c2166743c0cf07a2e6869a63d515

Download | Favorite | View

Zero Day Initiative Advisory 11-072

Posted Feb 8, 2011

Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-072 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within the Bitmap parsing component of rt3d.dll. When allocating a destination buffer for handling 4/8-bit RLE compressed bitmaps, the process uses the bitmap bits per pixel and number of colors values directly. A pointer is created based on the specified color depth, which can then be used to copy user supplied data into the fixed-length color data buffer on the heap. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the user.

tags | advisory, remote, arbitrary

advisories | CVE-2011-0599

SHA-256 | a0307babb5f84b7474b4227719e00a3f47917438731ace1d1001e36facc4f373

Download | Favorite | View