CVE-2011-4369

Upstream information

CVE-2011-4369 at MITRE

Description

Unspecified vulnerability in the PRC component in Adobe Reader and Acrobat 9.x before 9.4.7 on Windows, Adobe Reader and Acrobat 9.x through 9.4.6 on Mac OS X, Adobe Reader and Acrobat 10.x through 10.1.1 on Windows and Mac OS X, and Adobe Reader 9.x through 9.4.6 on UNIX allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, as exploited in the wild in December 2011.

---

SUSE information

CVSS v2 Scores

	National Vulnerability Database
Base Score	10.00
Vector	AV:N/AC:L/Au:N/C:C/I:C/A:C
Access Vector	Network
Access Complexity	Low
Authentication	None
Confidentiality Impact	Complete
Integrity Impact	Complete
Availability Impact	Complete

SUSE Bugzilla entry: 735275 [RESOLVED / FIXED]

SUSE Security Advisories:

• SUSE-SU-2012:0086-1, published Tue, 17 Jan 2012 17:08:27 +0100 (CET)
• openSUSE-SU-2012:0087-1, published Tue, 17 Jan 2012 18:08:26 +0100 (CET)

List of released packages

Product(s)	Fixed package version(s)	References
openSUSE 11.3 openSUSE 11.4	acroread >= 9.4.7-0.3.1
SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T SUSE Linux Enterprise Desktop 10 SP4 for x86	acroread >= 9.4.7-0.5.1 acroread-cmaps >= 9.4.6-0.5.9 acroread-fonts-ja >= 9.4.6-0.5.9 acroread-fonts-ko >= 9.4.6-0.5.9 acroread-fonts-zh_CN >= 9.4.6-0.5.9 acroread-fonts-zh_TW >= 9.4.6-0.5.9	sled10-sp4.x86-64 sled10-sp4.x86 ZYPP Patch Nr: 7924
SUSE Linux Enterprise Desktop 11 SP1	acroread >= 9.4.7-0.2.2.1 acroread-cmaps >= 9.4.6-0.4.2.2 acroread-fonts-ja >= 9.4.6-0.4.2.2 acroread-fonts-ko >= 9.4.6-0.4.2.2 acroread-fonts-zh_CN >= 9.4.6-0.4.2.2 acroread-fonts-zh_TW >= 9.4.6-0.4.2.2	sled11-sp1.x86-64 sled11-sp1.x86 SAT Patch Nr: 5649
openSUSE 11.4	acroread >= 9.4.7-0.3.1	Patchnames: acroread