Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 322857 - <app-text/acroread-9.3.4: Multiple vulnerabilities (CVE-2010-{1285,1295,1297,2168,2201,2202,2203,2204,2205,2206,2207,2208,2209,2210,2211,2212})
Summary: <app-text/acroread-9.3.4: Multiple vulnerabilities (CVE-2010-{1285,1295,1297,...
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: High major (vote)
Assignee: Gentoo Security
URL: http://www.adobe.com/support/security...
Whiteboard: A2 [glsa]
Keywords:
Depends on:
Blocks:
 
Reported: 2010-06-05 13:57 UTC by Alex Legler (RETIRED)
Modified: 2010-09-09 15:37 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Alex Legler (RETIRED) archtester gentoo-dev Security 2010-06-05 13:57:56 UTC
+++ This bug was initially created as a clone of Bug #322855 +++

Quoting $URL:

A critical vulnerability exists in Adobe Flash Player 10.0.45.2 and earlier versions for Windows, Macintosh, Linux and Solaris operating systems, and the authplay.dll component that ships with Adobe Reader and Acrobat 9.x for Windows, Macintosh and UNIX operating systems. This vulnerability (CVE-2010-1297) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being actively exploited in the wild against both Adobe Flash Player, and Adobe Reader and Acrobat. This advisory will be updated once a schedule has been determined for releasing a fix.
Comment 1 Alex Legler (RETIRED) archtester gentoo-dev Security 2010-06-08 22:07:59 UTC
From http://blogs.adobe.com/asset/2010/06/background_on_apsa10-01_patch.html:

The security update for Flash Player will be available by June 10, 2010. The security update for Adobe Reader and Acrobat will be available by June 29, 2010. 
Comment 2 Timo Gurr (RETIRED) gentoo-dev 2010-07-01 21:10:37 UTC
I've committed acroread-9.3.3 to CVS.
Comment 3 Tobias Heinlein (RETIRED) gentoo-dev 2010-07-02 08:15:08 UTC
Arches, please test and mark stable:
=app-text/acroread-9.3.3
Target keywords : "amd64 x86"
Comment 4 Christian Faulhammer (RETIRED) gentoo-dev 2010-07-03 07:29:47 UTC
x86 stable.
Comment 5 Markos Chandras (RETIRED) gentoo-dev 2010-07-12 17:18:16 UTC
amd64 done
Comment 6 Stefan Behte (RETIRED) gentoo-dev Security 2010-08-01 12:23:08 UTC
glsa request filed.
Comment 7 Alex Legler (RETIRED) archtester gentoo-dev Security 2010-08-10 14:45:58 UTC
printing: please remove the vulnerable version in the tree
Comment 8 Alex Legler (RETIRED) archtester gentoo-dev Security 2010-08-10 15:04:09 UTC
CVE-2010-1285 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1285):
  Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on
  Windows and Mac OS X, allow attackers to execute arbitrary code via
  unspecified manipulations involving the newclass (0x58) operator and
  an "invalid pointer vulnerability" that triggers memory corruption, a
  different vulnerability than CVE-2010-2168 and CVE-2010-2201.

CVE-2010-1295 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1295):
  Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on
  Windows and Mac OS X, allow attackers to execute arbitrary code or
  cause a denial of service (memory corruption) via unspecified
  vectors, a different vulnerability than CVE-2010-2202, CVE-2010-2207,
  CVE-2010-2209, CVE-2010-2210, CVE-2010-2211, and CVE-2010-2212.

Comment 9 Alex Legler (RETIRED) archtester gentoo-dev Security 2010-08-10 15:20:14 UTC
CVE-2010-2168 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2168):
  Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on
  Windows and Mac OS X, allow attackers to execute arbitrary code via a
  PDF file with crafted Flash content, involving the newfunction (0x44)
  operator and an "invalid pointer vulnerability" that triggers memory
  corruption, a different vulnerability than CVE-2010-1285 and
  CVE-2010-2201.

CVE-2010-2201 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2201):
  Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on
  Windows and Mac OS X, allow attackers to execute arbitrary code via a
  PDF file with crafted Flash content involving the (1) pushstring
  (0x2C) operator, (2) debugfile (0xF1) operator, and an "invalid
  pointer vulnerability" that triggers memory corruption, a different
  vulnerability than CVE-2010-1285 and CVE-2010-2168.

CVE-2010-2202 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2202):
  Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on
  Windows and Mac OS X, allow attackers to execute arbitrary code or
  cause a denial of service (memory corruption) via unspecified
  vectors, a different vulnerability than CVE-2010-1295, CVE-2010-2207,
  CVE-2010-2209, CVE-2010-2210, CVE-2010-2211, and CVE-2010-2212.

CVE-2010-2203 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2203):
  Adobe Reader and Acrobat 9.x before 9.3.3 on UNIX allow attackers to
  execute arbitrary code or cause a denial of service (memory
  corruption) via unspecified vectors.

CVE-2010-2204 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2204):
  Unspecified vulnerability in Adobe Reader and Acrobat 9.x before
  9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allows attackers
  to cause a denial of service or possibly execute arbitrary code via
  unknown vectors.

CVE-2010-2205 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2205):
  Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on
  Windows and Mac OS X, access uninitialized memory, which allows
  attackers to execute arbitrary code via unspecified vectors.

CVE-2010-2206 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2206):
  Array index error in AcroForm.api in Adobe Reader and Acrobat 9.x
  before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allows
  remote attackers to execute arbitrary code via a crafted GIF image in
  a PDF file, which bypasses a size check and triggers a heap-based
  buffer overflow.

CVE-2010-2207 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2207):
  Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on
  Windows and Mac OS X, allow attackers to execute arbitrary code or
  cause a denial of service (memory corruption) via unspecified
  vectors, a different vulnerability than CVE-2010-1295, CVE-2010-2202,
  CVE-2010-2209, CVE-2010-2210, CVE-2010-2211, and CVE-2010-2212.

CVE-2010-2208 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2208):
  Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on
  Windows and Mac OS X, dereference a heap object after this object's
  deletion, which allows attackers to execute arbitrary code via
  unspecified vectors.

CVE-2010-2209 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2209):
  Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on
  Windows and Mac OS X, allow attackers to execute arbitrary code or
  cause a denial of service (memory corruption) via unspecified
  vectors, a different vulnerability than CVE-2010-1295, CVE-2010-2202,
  CVE-2010-2207, CVE-2010-2210, CVE-2010-2211, and CVE-2010-2212.

CVE-2010-2210 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2210):
  Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on
  Windows and Mac OS X, allow attackers to execute arbitrary code or
  cause a denial of service (memory corruption) via unspecified
  vectors, a different vulnerability than CVE-2010-1295, CVE-2010-2202,
  CVE-2010-2207, CVE-2010-2209, CVE-2010-2211, and CVE-2010-2212.

CVE-2010-2211 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2211):
  Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on
  Windows and Mac OS X, allow attackers to execute arbitrary code or
  cause a denial of service (memory corruption) via unspecified
  vectors, a different vulnerability than CVE-2010-1295, CVE-2010-2202,
  CVE-2010-2207, CVE-2010-2209, CVE-2010-2210, and CVE-2010-2212.

CVE-2010-2212 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2212):
  Buffer overflow in Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x
  before 8.2.3 on Windows and Mac OS X, allows attackers to execute
  arbitrary code or cause a denial of service (memory corruption) via a
  PDF file containing Flash content with a crafted #1023 (3FFh) tag, a
  different vulnerability than CVE-2010-1295, CVE-2010-2202,
  CVE-2010-2207, CVE-2010-2209, CVE-2010-2210, and CVE-2010-2211.

Comment 10 Timo Gurr (RETIRED) gentoo-dev 2010-08-26 18:00:07 UTC
Sorry for the delay, vulnerable version removed (and also bumped acroread to 9.3.4 to fix CVE-2010-2862 & CVE-2010-1240).
Comment 11 Alex Legler (RETIRED) archtester gentoo-dev Security 2010-08-31 16:02:08 UTC
Arches, please test and mark stable:
=app-text/acroread-9.3.4
Target keywords : "amd64 x86"
Comment 12 Myckel Habets 2010-08-31 17:58:49 UTC
On x86 I get this:

scanelf: rpath_security_checks(): Security problem with relative DT_RPATH '.' in /var/tmp/portage/app-text/acroread-9.3.4/image/opt/Adobe/Reader9/Reader/intellinux/lib/libextendscript.so
scanelf: rpath_security_checks(): Security problem with relative DT_RPATH '.' in /var/tmp/portage/app-text/acroread-9.3.4/image/opt/Adobe/Reader9/Reader/intellinux/lib/libsccore.so
scanelf: rpath_security_checks(): Security problem with relative DT_RPATH '.' in /var/tmp/portage/app-text/acroread-9.3.4/image/opt/Adobe/Reader9/Reader/intellinux/lib/libextendscript.so
scanelf: rpath_security_checks(): Security problem with relative DT_RPATH '.' in /var/tmp/portage/app-text/acroread-9.3.4/image/opt/Adobe/Reader9/Reader/intellinux/lib/libsccore.so
Comment 13 Christian Faulhammer (RETIRED) gentoo-dev 2010-09-01 10:27:35 UTC
stable x86, those warnings exist since the beginning of time
Comment 14 Markos Chandras (RETIRED) gentoo-dev 2010-09-03 12:26:02 UTC
amd64 done
Comment 15 Stefan Behte (RETIRED) gentoo-dev Security 2010-09-03 22:39:23 UTC
glsa together with all the other acroread stuff
Comment 16 Stefan Behte (RETIRED) gentoo-dev Security 2010-09-09 15:37:49 UTC
GLSA 201009-05, thanks everyone.