There appears to be yet another zero-day cross platform exploit in adobe reader. Attacks on the vulnerability have been in the wild as early as Tuesday, September 7, 2010 and it could "potentially allow an attacker to take control of the affected system". Reproducible: Didn't try Steps to Reproduce:
*** Bug 336614 has been marked as a duplicate of this bug. ***
From $URL: A critical vulnerability exists in Adobe Reader 9.3.4 and earlier versions for Windows, Macintosh and UNIX, and Adobe Acrobat 9.3.4 and earlier versions for Windows and Macintosh. This vulnerability (CVE-2010-2883) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being actively exploited in the wild.
*** Bug 337205 has been marked as a duplicate of this bug. ***
Adobe has disclosed another vulnerability in app-text/acroread. This is CVE-2010-2884. From APSA 10-03, http://www.adobe.com/support/security/advisories/apsa10-03.html: A critical vulnerability exists in Adobe Flash Player 10.1.82.76 and earlier versions for Windows, Macintosh, Linux, Solaris, and Adobe Flash Player 10.1.92.10 for Android. This vulnerability also affects Adobe Reader 9.3.4 for Windows, Macintosh and UNIX, and Adobe Acrobat 9.3.4 and earlier versions for Windows and Macintosh. This vulnerability (CVE-2010-2884) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being actively exploited in the wild against Adobe Flash Player on Windows. I am creating two bugs--one for www-plugins/adobe-flash, and one for app-text/acroread--so they can be stablized separately since Adobe is planning to release fixed software at different times.
Adobe has released Reader 9.4: http://www.adobe.com/support/security/bulletins/apsb10-21.html This list of fixed CVEs is: CVE-2010-2883, CVE-2010-2884, CVE-2010-2887, CVE-2010-2888, CVE-2010-2889, CVE-2010-2890, CVE-2010-3619, CVE-2010-3620, CVE-2010-3621, CVE-2010-3622, CVE-2010-3623, CVE-2010-3624, CVE-2010-3625, CVE-2010-3626, CVE-2010-3627, CVE-2010-3628, CVE-2010-3629, CVE-2010-3630, CVE-2010-3631, CVE-2010-3632, CVE-2010-3656, CVE-2010-3657, CVE-2010-3658 9.4 is in the tree, but not yet stable.
Arches, please test and mark stable: =app-text/acroread-9.4.0 Target keywords : "amd64 x86"
amd64 done
x86 stable
Thanks, folks. GLSA request filed.
This is GLSA 201101-08; thank you.
CVE-2010-3658 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3658): Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-2890, CVE-2010-3619, CVE-2010-3621, CVE-2010-3622, CVE-2010-3628, and CVE-2010-3632. CVE-2010-3657 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3657): Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allows attackers to cause a denial of service via unknown vectors, a different vulnerability than CVE-2010-3656. CVE-2010-3656 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3656): Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allows attackers to cause a denial of service via unknown vectors, a different vulnerability than CVE-2010-3657. CVE-2010-3632 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3632): Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-2890, CVE-2010-3619, CVE-2010-3621, CVE-2010-3622, CVE-2010-3628, and CVE-2010-3658. CVE-2010-3631 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3631): Array index error in Adobe Reader and Acrobat 8.x before 8.2.5 and 9.x before 9.4 on Mac OS X allows attackers to execute arbitrary code via unspecified vectors. CVE-2010-3630 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3630): Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allows attackers to cause a denial of service or possibly execute arbitrary code via unknown vectors. CVE-2010-3629 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3629): Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allows attackers to execute arbitrary code via a crafted image, a different vulnerability than CVE-2010-3620. CVE-2010-3628 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3628): Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-2890, CVE-2010-3619, CVE-2010-3621, CVE-2010-3622, CVE-2010-3632, and CVE-2010-3658. CVE-2010-3627 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3627): Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allows attackers to execute arbitrary code via unknown vectors. CVE-2010-3626 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3626): Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allows attackers to execute arbitrary code via a crafted font, a different vulnerability than CVE-2010-2889. CVE-2010-3625 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3625): Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allow attackers to execute arbitrary code via unspecified vectors, related to a "prefix protocol handler vulnerability." CVE-2010-3624 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3624): Unspecified vulnerability in Adobe Reader and Acrobat 8.x before 8.2.5 and 9.x before 9.4 on Mac OS X allows attackers to execute arbitrary code via a crafted image. CVE-2010-3623 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3623): Adobe Reader and Acrobat 8.x before 8.2.5 and 9.x before 9.4 on Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. CVE-2010-3622 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3622): Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-2890, CVE-2010-3619, CVE-2010-3621, CVE-2010-3628, CVE-2010-3632, and CVE-2010-3658. CVE-2010-3621 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3621): Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-2890, CVE-2010-3619, CVE-2010-3622, CVE-2010-3628, CVE-2010-3632, and CVE-2010-3658. CVE-2010-3620 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3620): Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allows attackers to execute arbitrary code via a crafted image, a different vulnerability than CVE-2010-3629. CVE-2010-3619 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3619): Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-2890, CVE-2010-3621, CVE-2010-3622, CVE-2010-3628, CVE-2010-3632, and CVE-2010-3658.
No vulnerable version left in the tree, nothing to do for printing
CVE-2010-2890 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2890): Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-3619, CVE-2010-3621, CVE-2010-3622, CVE-2010-3628, CVE-2010-3632, and CVE-2010-3658. CVE-2010-2889 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2889): Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allows attackers to execute arbitrary code via a crafted font, a different vulnerability than CVE-2010-3626. CVE-2010-2887 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2887): Multiple unspecified vulnerabilities in Adobe Reader and Acrobat 9.x before 9.4 on Linux allow attackers to gain privileges via unknown vectors. CVE-2010-2883 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2883): Stack-based buffer overflow in CoolType.dll in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a PDF document with a long field in a Smart INdependent Glyphlets (SING) table in a TTF font, as exploited in the wild in September 2010. NOTE: some of these details are obtained from third party information.
CVE-2010-2862 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2862): Integer overflow in CoolType.dll in Adobe Reader 8.2.3 and 9.3.3, and Acrobat 9.3.3, allows remote attackers to execute arbitrary code via a TrueType font with a large maxCompositePoints value in a Maximum Profile (maxp) table.
