The company Adobe, last week became the victim of a powerful cyber attacks, which resulted in compromised data of millions of its customers, has released two security bulletins that address new vulnerabilities that are not related to the incident.
The first update affects RoboHelp 10 for Windows and fixes a memory corruption vulnerability CVE-2013-5327, which allows an attacker to execute malicious code on the target system. The second update is for Adobe Reader and Acrobat XI (11.0.04) for Windows and fixes a regression introduced in version 11.0.04 and affecting the security controls in Javascript. Vulnerability CVE- 2013-5325 lets you run URI scheme Javacript when viewing of PDF-documents in the browser.
The above-mentioned vulnerabilities do not affect Adobe Reader and Acrobat X ( version 10.1.8 and later) for Windows and Macintosh. None of the exploits of vulnerabilities are not known.
Vulnerability CVE-2013-5327
Arbitrary code execution in Adobe RoboHelp
Affected versions: Adobe RoboHelp 10, possibly other versions.
Description:
The vulnerability allows a remote user to execute arbitrary code on the target system.
The vulnerability is caused due to an unspecified error . This can be exploited to corrupt memory and execute arbitrary code on the target system.
Link: https://www.adobe.com/support/security/bulletins/apsb13-24.html
Vulnerability CVE-2013-5325Affected versions: Adobe RoboHelp 10, possibly other versions.
Description:
The vulnerability allows a remote user to execute arbitrary code on the target system.
The vulnerability is caused due to an unspecified error . This can be exploited to corrupt memory and execute arbitrary code on the target system.
Link: https://www.adobe.com/support/security/bulletins/apsb13-24.html
Security Bypass Adobe Reader and Atsrobat
Affected versions:
- Adobe Reader XI (11.0.04) for Windows;
- Adobe Acrobat XI (11.0.04) for Windows.
Description:
The vulnerability can be exploited by malicious people for bypass certain security restrictions.
The vulnerability is caused due to an error related to security constraints JavaScript code. This can be exploited via a specially crafted PDF file opened using JavaScript URI address.
Link: https://www.adobe.com/support/security/bulletins/apsb13-25.html
Affected versions:
- Adobe Reader XI (11.0.04) for Windows;
- Adobe Acrobat XI (11.0.04) for Windows.
Description:
The vulnerability can be exploited by malicious people for bypass certain security restrictions.
The vulnerability is caused due to an error related to security constraints JavaScript code. This can be exploited via a specially crafted PDF file opened using JavaScript URI address.
Link: https://www.adobe.com/support/security/bulletins/apsb13-25.html
No comments:
Post a Comment