Site icon Liquidmatrix Security Digest

Adobe $PRODUCT Buffer Overflows and Memory Corruption

Adobe $PRODUCT Buffer Overflows and Memory Corruption Errors Let Remote Users Execute Arbitrary Code

Vulnerability ID: 788743

CVE Reference: CVE-20**-*

Date: $MONTH $YEAR

Impact: Execution of arbitrary code via network

Fix Available: Yes Vendor Confirmed: Yes

Version(s): $NUM and prior for Windows and OS X; $NUM and prior for Linux

Description: Several vulnerabilities were reported in Adobe $PRODUCT. A remote user can cause arbitrary code to be executed on the target user’s system.

A remote user can create specially crafted $SOMETHINGBAD that, when loaded by the target user, will execute arbitrary code on the target system. The code will run with the privileges of the target user.

Buffer overflows can trigger code execution.

Memory corruption flaws can trigger code execution.

A security bypass flaw can trigger code execution.

S. Kiddee, N. V. Pimp and a $NAME security teams reported these vulnerabilities.

Impact: A remote user can $SOMETHINGBAD that, when loaded by the target user, will execute arbitrary code on the target user’s system.

Solution: The vendor has issued a fix.

The vendor’s advisory is available at: http://www.adobe.com/support/security/bulletins/

Vendor URL: www.adobe.com/support/security/bulletins/ (Links to External Site)

Cause: Access control error, Boundary error
Underlying OS: *

Message History: This archive entry has one or more follow-up message(s) listed below.
Nov 18 2012 We don’t have enough 1s and 0s to go back that far…really…

This should cover you for most if not all future Adobe vulnerabilities.

You’re welcome.

(Image used under CC from Daniel Y. Go)

Exit mobile version