Upstream information

CVE-2013-2550 at MITRE

Description

Unspecified vulnerability in Adobe Reader 11.0.02 allows attackers to bypass the sandbox protection mechanism via unknown vectors, as demonstrated by George Hotz during a Pwn2Own competition at CanSecWest 2013.

SUSE information

Overall state of this security issue: Resolved

This issue is currently rated as having moderate severity.

CVSS v2 Scores
  National Vulnerability Database
Base Score 7.5
Vector AV:N/AC:L/Au:N/C:P/I:P/A:P
Access Vector Network
Access Complexity Low
Authentication None
Confidentiality Impact Partial
Integrity Impact Partial
Availability Impact Partial
SUSE Bugzilla entry: 819918 [RESOLVED / FIXED]

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SUSE Linux Enterprise Desktop 11 SP2
  • acroread >= 9.5.5-0.3.1
  • acroread-cmaps >= 9.4.6-0.4.3.2
  • acroread-fonts-ja >= 9.4.6-0.4.3.2
  • acroread-fonts-ko >= 9.4.6-0.4.3.2
  • acroread-fonts-zh_CN >= 9.4.6-0.4.3.2
  • acroread-fonts-zh_TW >= 9.4.6-0.4.3.2
  • acroread_ja >= 9.4.2-0.4.1
Patchnames:
sledsp2-acroread
SUSE Linux Enterprise Desktop 11 SP2
  • acroread >= 9.5.5-0.3.1
  • acroread-cmaps >= 9.4.6-0.4.3.2
  • acroread-fonts-ja >= 9.4.6-0.4.3.2
  • acroread-fonts-ko >= 9.4.6-0.4.3.2
  • acroread-fonts-zh_CN >= 9.4.6-0.4.3.2
  • acroread-fonts-zh_TW >= 9.4.6-0.4.3.2
Builds
SAT Patch Nr: 7734
SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T
SUSE Linux Enterprise Desktop 10 SP4 for x86
  • acroread >= 9.5.5-0.6.1
  • acroread-cmaps >= 9.4.6-0.6.63
  • acroread-fonts-ja >= 9.4.6-0.6.63
  • acroread-fonts-ko >= 9.4.6-0.6.63
  • acroread-fonts-zh_CN >= 9.4.6-0.6.63
  • acroread-fonts-zh_TW >= 9.4.6-0.6.63
Builds
ZYPP Patch Nr: 8571


Status of this issue by product and package

Product(s) Source package State
SUSE Linux Enterprise Desktop 10 SP4 acroread Released
SUSE Linux Enterprise Desktop 11 SP2 acroread Released