Unspecified vulnerability in the PRC component in Adobe Reader and Acrobat 9.x before 9.4.7 on Windows, Adobe Reader and Acrobat 9.x through 9.4.6 on Mac OS X, Adobe Reader and Acrobat 10.x through 10.1.1 on Windows and Mac OS X, and Adobe Reader 9.x through 9.4.6 on UNIX allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, as exploited in the wild in December 2011.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:L/Au:N/C:C/I:C/A:C
Vendors Products
Adobe
  • Acrobat
  • Acrobat Reader
Microsoft
  • Windows
Unix
  • Unix
Apple
  • Mac Os X

Configuration 1 [-]

AND
OR cpe:2.3:a:adobe:acrobat:9.0:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat:9.1:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat:9.1.1:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat:9.1.2:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat:9.1.3:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat:9.2:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat:9.3:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat:9.3.1:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat:9.3.2:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat:9.3.3:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat:9.3.4:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat:9.4:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat:9.4.1:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat:9.4.2:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat:9.4.3:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat:9.4.4:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat:9.4.5:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat:9.4.6:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat_reader:9.0:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat_reader:9.1:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat_reader:9.1.1:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat_reader:9.1.2:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat_reader:9.1.3:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat_reader:9.2:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat_reader:9.3:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat_reader:9.3.1:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat_reader:9.3.2:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat_reader:9.3.3:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat_reader:9.3.4:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat_reader:9.4:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat_reader:9.4.1:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat_reader:9.4.2:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat_reader:9.4.3:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat_reader:9.4.4:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat_reader:9.4.5:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat_reader:9.4.6:*:*:*:*:*:*:*
OR cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*
cpe:2.3:o:unix:unix:*:*:*:*:*:*:*:*

Configuration 2 [-]

AND
OR cpe:2.3:a:adobe:acrobat:10.0:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat:10.0.1:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat:10.0.2:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat:10.0.3:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat:10.1:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat:10.1.1:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat_reader:10.0:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat_reader:10.0.1:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat_reader:10.0.2:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat_reader:10.0.3:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat_reader:10.1:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat_reader:10.1.1:*:*:*:*:*:*:*
OR cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*
References
Link Resource
http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00019.html
http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00020.html
http://www.adobe.com/support/security/bulletins/apsb11-30.html Patch Vendor Advisory
http://www.adobe.com/support/security/bulletins/apsb12-01.html Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2012-0011.html
http://www.securityfocus.com/bid/51092
http://www.us-cert.gov/cas/techalerts/TA11-350A.html US Government Resource
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14865
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: adobe

Published: 2011-12-16T19:00:00

Updated: 2017-09-18T12:57:01

Reserved: 2011-11-04T00:00:00

Link: CVE-2011-4369

JSON object: View

cve-icon NVD Information

Status : Modified

Published: 2011-12-16T19:55:00.987

Modified: 2017-09-19T01:34:25.527

Link: CVE-2011-4369

JSON object: View

cve-icon Redhat Information

No data.

CWE