Security update for Acrobat Reader
SUSE Security Update: Security update for Acrobat Reader
Specially crafted PDF files could have caused a denial of
service or have lead to the execution of arbitrary code in
the context of the user running acroread:
* CVE-2012-0774, crafted fonts inside PDFs could allow
attackers to cause an integer overflow, resulting in the
possibility of arbitrary code execution
* CVE-2012-0775, CVE-2012-0777: an issue in acroread's
javascript API could allow attackers to cause a denial of
service or potentially execute arbitrary code
Security Issue references:
* CVE-2012-0774
* CVE-2012-0775
* CVE-2012-0777
| Announcement ID: | SUSE-SU-2012:0522-1 |
| Rating: | important |
| References: | #742126 #756574 |
| Affected Products: |
An update that fixes three vulnerabilities is now available. It includes two new package versions.
Description:
Specially crafted PDF files could have caused a denial of
service or have lead to the execution of arbitrary code in
the context of the user running acroread:
* CVE-2012-0774, crafted fonts inside PDFs could allow
attackers to cause an integer overflow, resulting in the
possibility of arbitrary code execution
* CVE-2012-0775, CVE-2012-0777: an issue in acroread's
javascript API could allow attackers to cause a denial of
service or potentially execute arbitrary code
Security Issue references:
* CVE-2012-0774
* CVE-2012-0775
* CVE-2012-0777
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Desktop 11 SP2:
zypper in -t patch sledsp1-acroread-6138 - SUSE Linux Enterprise Desktop 11 SP1:
zypper in -t patch sledsp1-acroread-6138
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Desktop 11 SP2 (noarch) [New Version: 9.4.6]:
- acroread-cmaps-9.4.6-0.4.2.3
- acroread-fonts-ja-9.4.6-0.4.2.3
- acroread-fonts-ko-9.4.6-0.4.2.3
- acroread-fonts-zh_CN-9.4.6-0.4.2.3
- acroread-fonts-zh_TW-9.4.6-0.4.2.3
- SUSE Linux Enterprise Desktop 11 SP2 (i586) [New Version: 9.5.1]:
- acroread-9.5.1-0.2.1
- SUSE Linux Enterprise Desktop 11 SP1 (noarch) [New Version: 9.4.6]:
- acroread-cmaps-9.4.6-0.4.2.3
- acroread-fonts-ja-9.4.6-0.4.2.3
- acroread-fonts-ko-9.4.6-0.4.2.3
- acroread-fonts-zh_CN-9.4.6-0.4.2.3
- acroread-fonts-zh_TW-9.4.6-0.4.2.3
- SUSE Linux Enterprise Desktop 11 SP1 (i586) [New Version: 9.5.1]:
- acroread-9.5.1-0.2.1
References:
- http://support.novell.com/security/cve/CVE-2012-0774.html
- http://support.novell.com/security/cve/CVE-2012-0775.html
- http://support.novell.com/security/cve/CVE-2012-0777.html
- https://bugzilla.novell.com/742126
- https://bugzilla.novell.com/756574
- http://download.suse.com/patch/finder/?keywords=d50fa4600ca02afa4a43a3170e58aa41
Run SAP
SUSE for Public Cloud
Security
