Adobe $PRODUCT Buffer Overflows and Memory Corruption Errors Let Remote Users Execute Arbitrary Code
Vulnerability ID: 788743
CVE Reference: CVE-20**-*
Date: $MONTH $YEAR
Impact: Execution of arbitrary code via network
Fix Available: Yes Vendor Confirmed: Yes
Version(s): $NUM and prior for Windows and OS X; $NUM and prior for Linux
Description: Several vulnerabilities were reported in Adobe $PRODUCT. A remote user can cause arbitrary code to be executed on the target user’s system.
A remote user can create specially crafted $SOMETHINGBAD that, when loaded by the target user, will execute arbitrary code on the target system. The code will run with the privileges of the target user.
Buffer overflows can trigger code execution.
Memory corruption flaws can trigger code execution.
A security bypass flaw can trigger code execution.
S. Kiddee, N. V. Pimp and a $NAME security teams reported these vulnerabilities.
Impact: A remote user can $SOMETHINGBAD that, when loaded by the target user, will execute arbitrary code on the target user’s system.
Solution: The vendor has issued a fix.
The vendor’s advisory is available at: http://www.adobe.com/support/security/bulletins/
Vendor URL: www.adobe.com/support/security/bulletins/ (Links to External Site)
Cause: Access control error, Boundary error
Underlying OS: *
Message History: This archive entry has one or more follow-up message(s) listed below.
Nov 18 2012 We don’t have enough 1s and 0s to go back that far…really…
This should cover you for most if not all future Adobe vulnerabilities.
You’re welcome.
(Image used under CC from Daniel Y. Go)
