CVE-2011-4373 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4373): Adobe Reader and Acrobat before 9.5, and 10.x before 10.1.2, on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-4370 and CVE-2011-4372. CVE-2011-4372 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4372): Adobe Reader and Acrobat before 9.5, and 10.x before 10.1.2, on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-4370 and CVE-2011-4373. CVE-2011-4371 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4371): Adobe Reader and Acrobat before 9.5, and 10.x before 10.1.2, on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors. CVE-2011-4370 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4370): Adobe Reader and Acrobat before 9.5, and 10.x before 10.1.2, on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-4372 and CVE-2011-4373. These most likely impact acrobat reader for linux too, but we'll have to wait until the next scheduled release for linux to make sure.
glsa request filed
Vulnerable version removed from the tree. Thanks everyone!
This issue was resolved and addressed in GLSA 201206-14 at http://security.gentoo.org/glsa/glsa-201206-14.xml by GLSA coordinator Sean Amoss (ackle).
