Details of VAR-201208-0729

ID

VAR-201208-0729

CVE

CVE-2012-2051

TITLE

Windows and Mac OS X upper Adobe Reader and Acrobat Vulnerable to arbitrary code execution

Trust: 0.8

sources: JVNDB: JVNDB-2012-003634

DESCRIPTION

Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-4147, CVE-2012-4148, CVE-2012-4149, CVE-2012-4150, CVE-2012-4151, CVE-2012-4152, CVE-2012-4153, CVE-2012-4154, CVE-2012-4155, CVE-2012-4156, CVE-2012-4157, CVE-2012-4158, CVE-2012-4159, and CVE-2012-4160. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely cause denial-of-service conditions. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201308-03 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: High Title: Adobe Reader: Multiple vulnerabilities Date: August 22, 2013 Bugs: #431732, #451058, #469960 ID: 201308-03 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been found in Adobe Reader, including potential remote execution of arbitrary code and local privilege escalation. Background ========== Adobe Reader is a closed-source PDF reader. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 app-text/acroread < 9.5.5 >= 9.5.5 Description =========== Multiple vulnerabilities have been discovered in Adobe Reader. Please review the CVE identifiers referenced below for details. A local attacker could gain privileges via unspecified vectors. Workaround ========== There is no known workaround at this time. Resolution ========== All Adobe Reader users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=app-text/acroread-9.5.5" References ========== [ 1 ] CVE-2012-1525 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1525 [ 2 ] CVE-2012-1530 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1530 [ 3 ] CVE-2012-2049 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2049 [ 4 ] CVE-2012-2050 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2050 [ 5 ] CVE-2012-2051 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2051 [ 6 ] CVE-2012-4147 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4147 [ 7 ] CVE-2012-4148 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4748 [ 8 ] CVE-2012-4149 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4149 [ 9 ] CVE-2012-4150 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4150 [ 10 ] CVE-2012-4151 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4151 [ 11 ] CVE-2012-4152 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4152 [ 12 ] CVE-2012-4153 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4153 [ 13 ] CVE-2012-4154 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4154 [ 14 ] CVE-2012-4155 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4155 [ 15 ] CVE-2012-4156 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4156 [ 16 ] CVE-2012-4157 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4157 [ 17 ] CVE-2012-4158 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4158 [ 18 ] CVE-2012-4159 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4159 [ 19 ] CVE-2012-4160 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4160 [ 20 ] CVE-2012-4363 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4363 [ 21 ] CVE-2013-0601 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0601 [ 22 ] CVE-2013-0602 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0602 [ 23 ] CVE-2013-0603 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0603 [ 24 ] CVE-2013-0604 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0604 [ 25 ] CVE-2013-0605 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0605 [ 26 ] CVE-2013-0606 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0606 [ 27 ] CVE-2013-0607 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0607 [ 28 ] CVE-2013-0608 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0608 [ 29 ] CVE-2013-0609 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0609 [ 30 ] CVE-2013-0610 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0610 [ 31 ] CVE-2013-0611 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0611 [ 32 ] CVE-2013-0612 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0612 [ 33 ] CVE-2013-0613 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0613 [ 34 ] CVE-2013-0614 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0614 [ 35 ] CVE-2013-0615 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0615 [ 36 ] CVE-2013-0616 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0616 [ 37 ] CVE-2013-0617 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0617 [ 38 ] CVE-2013-0618 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0618 [ 39 ] CVE-2013-0619 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0619 [ 40 ] CVE-2013-0620 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0620 [ 41 ] CVE-2013-0621 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0621 [ 42 ] CVE-2013-0622 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0622 [ 43 ] CVE-2013-0623 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0623 [ 44 ] CVE-2013-0624 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0624 [ 45 ] CVE-2013-0626 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0626 [ 46 ] CVE-2013-0627 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0627 [ 47 ] CVE-2013-0640 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0640 [ 48 ] CVE-2013-0641 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0641 [ 49 ] CVE-2013-2549 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2549 [ 50 ] CVE-2013-2550 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2550 [ 51 ] CVE-2013-2718 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2718 [ 52 ] CVE-2013-2719 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2719 [ 53 ] CVE-2013-2720 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2720 [ 54 ] CVE-2013-2721 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2721 [ 55 ] CVE-2013-2722 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2722 [ 56 ] CVE-2013-2723 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2723 [ 57 ] CVE-2013-2724 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2724 [ 58 ] CVE-2013-2725 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2725 [ 59 ] CVE-2013-2726 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2726 [ 60 ] CVE-2013-2727 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2727 [ 61 ] CVE-2013-2729 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2729 [ 62 ] CVE-2013-2730 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2730 [ 63 ] CVE-2013-2731 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2731 [ 64 ] CVE-2013-2732 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2732 [ 65 ] CVE-2013-2733 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2733 [ 66 ] CVE-2013-2734 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2734 [ 67 ] CVE-2013-2735 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2735 [ 68 ] CVE-2013-2736 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2736 [ 69 ] CVE-2013-2737 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2737 [ 70 ] CVE-2013-3337 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3337 [ 71 ] CVE-2013-3338 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3338 [ 72 ] CVE-2013-3339 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3339 [ 73 ] CVE-2013-3340 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3340 [ 74 ] CVE-2013-3341 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3341 [ 75 ] CVE-2013-3342 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3342 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-201308-03.xml Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2013 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 . ---------------------------------------------------------------------- The new Secunia CSI 6.0 is now available in beta! Seamless integration with your existing security solutions Sign-up to become a Beta tester: http://secunia.com/csi6beta ---------------------------------------------------------------------- TITLE: Adobe Reader / Acrobat Multiple Vulnerabilities SECUNIA ADVISORY ID: SA50281 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/50281/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=50281 RELEASE DATE: 2012-08-14 DISCUSS ADVISORY: http://secunia.com/advisories/50281/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/50281/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=50281 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Adobe Reader and Adobe Acrobat, which can be exploited by malicious people to compromise a user's system. 1) An unspecified error can be exploited to cause a stack-based buffer overflow. 2) An unspecified error can be exploited to cause a buffer overflow. 3) An unspecified error can be exploited to corrupt memory. 4) Another unspecified error can be exploited to corrupt memory. 5) Another unspecified error can be exploited to corrupt memory. 6) An unspecified error can be exploited to cause a heap-based buffer overflow. 7) Multiple unspecified errors can be exploited to corrupt memory. 8) Two unspecified errors can be exploited to corrupt memory. Note: Vulnerability #8 affects the Macintosh platform only. Successful exploitation of the vulnerabilities may allow execution of arbitrary code. SOLUTION: Apply updates. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: 1) Pavel Polischouk, TELUS Security Labs 2) An anonymous person via Beyond Security 3) Mateusz Jurczyk, Google Security Team 4, 8) James Quirk 5) John Leitch, Microsoft 6) Nicolas Gr\xe9goire via iDefense 7) Mateusz Jurczyk and Gynvael Coldwind, Google Security Team ORIGINAL ADVISORY: http://www.adobe.com/support/security/bulletins/apsb12-16.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 2.25

sources: NVD: CVE-2012-2051 // JVNDB: JVNDB-2012-003634 // BID: 55005 // VULHUB: VHN-55332 // VULMON: CVE-2012-2051 // PACKETSTORM: 122930 // PACKETSTORM: 115524

AFFECTED PRODUCTS

vendor:	adobe	model:	acrobat reader	scope:	eq	version:	10.0.3	Trust: 1.6
vendor:	adobe	model:	acrobat reader	scope:	eq	version:	10.1.2	Trust: 1.6
vendor:	adobe	model:	acrobat reader	scope:	eq	version:	10.0.2	Trust: 1.6
vendor:	adobe	model:	acrobat reader	scope:	eq	version:	10.1	Trust: 1.6
vendor:	adobe	model:	acrobat reader	scope:	eq	version:	9.3.4	Trust: 1.6
vendor:	adobe	model:	acrobat reader	scope:	eq	version:	10.0.1	Trust: 1.6
vendor:	adobe	model:	acrobat reader	scope:	eq	version:	9.3.2	Trust: 1.6
vendor:	adobe	model:	acrobat reader	scope:	eq	version:	10.1.1	Trust: 1.6
vendor:	adobe	model:	acrobat reader	scope:	eq	version:	10.0	Trust: 1.6
vendor:	adobe	model:	acrobat reader	scope:	eq	version:	10.1.3	Trust: 1.6
vendor:	adobe	model:	acrobat	scope:	eq	version:	10.1.3	Trust: 1.3
vendor:	adobe	model:	acrobat	scope:	eq	version:	10.1.2	Trust: 1.3
vendor:	adobe	model:	acrobat	scope:	eq	version:	10.1.1	Trust: 1.3
vendor:	adobe	model:	acrobat	scope:	eq	version:	10.1	Trust: 1.3
vendor:	adobe	model:	acrobat	scope:	eq	version:	10.0.3	Trust: 1.3
vendor:	adobe	model:	acrobat	scope:	eq	version:	10.0.2	Trust: 1.3
vendor:	adobe	model:	acrobat	scope:	eq	version:	10.0.1	Trust: 1.3
vendor:	adobe	model:	acrobat	scope:	eq	version:	10.0	Trust: 1.3
vendor:	adobe	model:	acrobat reader	scope:	eq	version:	9.1.2	Trust: 1.0
vendor:	adobe	model:	acrobat reader	scope:	eq	version:	9.3.3	Trust: 1.0
vendor:	adobe	model:	acrobat reader	scope:	eq	version:	9.4.1	Trust: 1.0
vendor:	adobe	model:	acrobat	scope:	eq	version:	9.4.2	Trust: 1.0
vendor:	adobe	model:	acrobat reader	scope:	eq	version:	9.2	Trust: 1.0
vendor:	adobe	model:	acrobat	scope:	eq	version:	9.4	Trust: 1.0
vendor:	adobe	model:	acrobat reader	scope:	eq	version:	9.4.3	Trust: 1.0
vendor:	adobe	model:	acrobat reader	scope:	eq	version:	9.4.7	Trust: 1.0
vendor:	adobe	model:	acrobat	scope:	eq	version:	9.4.5	Trust: 1.0
vendor:	adobe	model:	acrobat reader	scope:	eq	version:	9.3.1	Trust: 1.0
vendor:	adobe	model:	acrobat	scope:	eq	version:	9.3.2	Trust: 1.0
vendor:	adobe	model:	acrobat	scope:	eq	version:	9.4.4	Trust: 1.0
vendor:	adobe	model:	acrobat	scope:	eq	version:	9.1.3	Trust: 1.0
vendor:	adobe	model:	acrobat reader	scope:	eq	version:	9.3	Trust: 1.0
vendor:	adobe	model:	acrobat	scope:	eq	version:	9.4.6	Trust: 1.0
vendor:	adobe	model:	acrobat	scope:	eq	version:	9.1	Trust: 1.0
vendor:	adobe	model:	acrobat	scope:	eq	version:	9.5	Trust: 1.0
vendor:	adobe	model:	acrobat	scope:	eq	version:	9.0	Trust: 1.0
vendor:	adobe	model:	acrobat reader	scope:	eq	version:	9.5.1	Trust: 1.0
vendor:	adobe	model:	acrobat	scope:	eq	version:	9.1.1	Trust: 1.0
vendor:	adobe	model:	acrobat reader	scope:	eq	version:	9.4.2	Trust: 1.0
vendor:	adobe	model:	acrobat reader	scope:	eq	version:	9.4	Trust: 1.0
vendor:	adobe	model:	acrobat	scope:	eq	version:	9.1.2	Trust: 1.0
vendor:	adobe	model:	acrobat reader	scope:	eq	version:	9.4.5	Trust: 1.0
vendor:	adobe	model:	acrobat	scope:	eq	version:	9.3.3	Trust: 1.0
vendor:	adobe	model:	acrobat	scope:	eq	version:	9.4.1	Trust: 1.0
vendor:	adobe	model:	acrobat	scope:	eq	version:	9.2	Trust: 1.0
vendor:	adobe	model:	acrobat reader	scope:	eq	version:	9.4.4	Trust: 1.0
vendor:	adobe	model:	acrobat	scope:	eq	version:	9.4.3	Trust: 1.0
vendor:	adobe	model:	acrobat	scope:	eq	version:	9.4.7	Trust: 1.0
vendor:	adobe	model:	acrobat reader	scope:	eq	version:	9.1.3	Trust: 1.0
vendor:	adobe	model:	acrobat	scope:	eq	version:	9	Trust: 1.0
vendor:	adobe	model:	acrobat	scope:	eq	version:	9.3.1	Trust: 1.0
vendor:	adobe	model:	acrobat	scope:	eq	version:	9.3.4	Trust: 1.0
vendor:	adobe	model:	acrobat reader	scope:	eq	version:	9.4.6	Trust: 1.0
vendor:	adobe	model:	acrobat reader	scope:	eq	version:	9.1	Trust: 1.0
vendor:	adobe	model:	acrobat reader	scope:	eq	version:	9.5	Trust: 1.0
vendor:	adobe	model:	acrobat reader	scope:	eq	version:	9.0	Trust: 1.0
vendor:	adobe	model:	acrobat	scope:	eq	version:	9.3	Trust: 1.0
vendor:	adobe	model:	acrobat reader	scope:	eq	version:	9.1.1	Trust: 1.0
vendor:	adobe	model:	acrobat	scope:	eq	version:	9.5.1	Trust: 1.0
vendor:	adobe	model:	acrobat	scope:	lte	version:	9.5.1 9.x (windows and macintosh)	Trust: 0.8
vendor:	adobe	model:	acrobat	scope:	lte	version:	x (10.1.3) 10.x (windows and macintosh)	Trust: 0.8
vendor:	adobe	model:	reader	scope:	lte	version:	9.5.1 9.x (windows and macintosh)	Trust: 0.8
vendor:	adobe	model:	reader	scope:	lte	version:	x (10.1.3) 10.x (windows and macintosh)	Trust: 0.8
vendor:	gentoo	model:	linux	scope:	-	version:	-	Trust: 0.3
vendor:	adobe	model:	reader	scope:	eq	version:	10.1.3	Trust: 0.3
vendor:	adobe	model:	reader	scope:	eq	version:	10.1.2	Trust: 0.3
vendor:	adobe	model:	reader	scope:	eq	version:	10.1.1	Trust: 0.3
vendor:	adobe	model:	reader	scope:	eq	version:	9.4.7	Trust: 0.3
vendor:	adobe	model:	reader	scope:	eq	version:	9.4.6	Trust: 0.3
vendor:	adobe	model:	reader	scope:	eq	version:	9.5.1	Trust: 0.3
vendor:	adobe	model:	reader	scope:	eq	version:	9.5	Trust: 0.3
vendor:	adobe	model:	reader	scope:	eq	version:	9.4.5	Trust: 0.3
vendor:	adobe	model:	reader	scope:	eq	version:	9.4.4	Trust: 0.3
vendor:	adobe	model:	reader	scope:	eq	version:	9.4.3	Trust: 0.3
vendor:	adobe	model:	reader	scope:	eq	version:	9.4.2	Trust: 0.3
vendor:	adobe	model:	reader	scope:	eq	version:	9.4.1	Trust: 0.3
vendor:	adobe	model:	reader	scope:	eq	version:	9.4	Trust: 0.3
vendor:	adobe	model:	reader	scope:	eq	version:	10.1	Trust: 0.3
vendor:	adobe	model:	reader	scope:	eq	version:	10.0.3	Trust: 0.3
vendor:	adobe	model:	reader	scope:	eq	version:	10.0.2	Trust: 0.3
vendor:	adobe	model:	reader	scope:	eq	version:	10.0.1	Trust: 0.3
vendor:	adobe	model:	reader	scope:	eq	version:	10.0	Trust: 0.3

sources: BID: 55005 // JVNDB: JVNDB-2012-003634 // CNNVD: CNNVD-201208-245 // NVD: CVE-2012-2051

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2012-2051
value:	HIGH
Trust: 1.0
NVD:	CVE-2012-2051
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-201208-245
value:	CRITICAL
Trust: 0.6
VULHUB:	VHN-55332
value:	HIGH
Trust: 0.1
VULMON:	CVE-2012-2051
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2012-2051
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
VULHUB:	VHN-55332
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-55332 // VULMON: CVE-2012-2051 // JVNDB: JVNDB-2012-003634 // CNNVD: CNNVD-201208-245 // NVD: CVE-2012-2051

PROBLEMTYPE DATA

problemtype:

CWE-119

Trust: 1.9

sources: VULHUB: VHN-55332 // JVNDB: JVNDB-2012-003634 // NVD: CVE-2012-2051

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201208-245

TYPE

buffer overflow

Trust: 0.6

sources: CNNVD: CNNVD-201208-245

CONFIGURATIONS

sources: JVNDB: JVNDB-2012-003634

PATCH

title:	APSB12-16	url:	http://www.adobe.com/support/security/bulletins/apsb12-16.html	Trust: 0.8
title:	APSB12-16 (cq08100817)	url:	http://helpx.adobe.com/jp/acrobat/kb/cq08100817.html	Trust: 0.8
title:	APSB12-16	url:	http://www.adobe.com/jp/support/security/bulletins/apsb12-16.html	Trust: 0.8
title:	アドビシステムズ社 Adobe Reader の脆弱性に関するお知らせ	url:	http://www.fmworld.net/biz/common/adobe/20120816.html	Trust: 0.8

sources: JVNDB: JVNDB-2012-003634

EXTERNAL IDS

db:	NVD	id:	CVE-2012-2051	Trust: 3.0
db:	JVNDB	id:	JVNDB-2012-003634	Trust: 0.8
db:	CNNVD	id:	CNNVD-201208-245	Trust: 0.7
db:	SECUNIA	id:	50281	Trust: 0.7
db:	NSFOCUS	id:	20345	Trust: 0.6
db:	BID	id:	55005	Trust: 0.4
db:	VULHUB	id:	VHN-55332	Trust: 0.1
db:	VULMON	id:	CVE-2012-2051	Trust: 0.1
db:	PACKETSTORM	id:	122930	Trust: 0.1
db:	PACKETSTORM	id:	115524	Trust: 0.1

sources: VULHUB: VHN-55332 // VULMON: CVE-2012-2051 // BID: 55005 // JVNDB: JVNDB-2012-003634 // PACKETSTORM: 122930 // PACKETSTORM: 115524 // CNNVD: CNNVD-201208-245 // NVD: CVE-2012-2051

REFERENCES

url:	http://www.adobe.com/support/security/bulletins/apsb12-16.html	Trust: 1.9
url:	http://security.gentoo.org/glsa/glsa-201308-03.xml	Trust: 1.3
url:	https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a16394	Trust: 1.2
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-2051	Trust: 0.8
url:	https://www.jpcert.or.jp/at/2012/at120023.txt	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-2051	Trust: 0.8
url:	http://www.npa.go.jp/cyberpolice/#topics	Trust: 0.8
url:	http://secunia.com/advisories/50281	Trust: 0.6
url:	http://www.nsfocus.net/vulndb/20345	Trust: 0.6
url:	http://www.adobe.com	Trust: 0.3
url:	https://cwe.mitre.org/data/definitions/119.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2012-4363	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2012-4160	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3338	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2012-4147	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2012-4155	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2012-4149	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0626	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4152	Trust: 0.1
url:	http://creativecommons.org/licenses/by-sa/2.5	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2729	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4160	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2718	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0605	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0611	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4159	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2719	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2722	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4147	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0624	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2012-4152	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2012-2051	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0620	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2725	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0602	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2721	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0603	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2012-1525	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2012-4153	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2013-0607	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0617	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2012-4151	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0615	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2013-0605	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0601	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1525	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3340	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2735	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0607	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2013-0606	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0618	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2726	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2737	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4156	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2549	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4158	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4154	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4363	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2727	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0608	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2013-0602	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4157	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2012-1530	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2012-4159	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0622	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2734	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2012-4157	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4153	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4150	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3339	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2012-4156	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3342	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0641	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-2051	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0610	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2731	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0623	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2012-2049	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4149	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2733	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2736	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4748	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2012-4748	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2012-4158	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3337	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-2050	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2720	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0606	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0614	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1530	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2730	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0616	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4151	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2013-0608	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0619	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0627	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2012-4150	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2012-4154	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2013-0603	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0609	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3341	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2013-0604	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2550	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0604	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0640	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4155	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-2049	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2732	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2724	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0612	Trust: 0.1
url:	http://security.gentoo.org/	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0613	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2723	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2012-2050	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0621	Trust: 0.1
url:	https://bugs.gentoo.org.	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2013-0601	Trust: 0.1
url:	http://secunia.com/vulnerability_intelligence/	Trust: 0.1
url:	http://secunia.com/advisories/secunia_security_advisories/	Trust: 0.1
url:	http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/	Trust: 0.1
url:	http://secunia.com/advisories/50281/#comments	Trust: 0.1
url:	http://secunia.com/advisories/50281/	Trust: 0.1
url:	http://secunia.com/csi6beta	Trust: 0.1
url:	https://ca.secunia.com/?page=viewadvisory&vuln_id=50281	Trust: 0.1
url:	http://secunia.com/vulnerability_scanning/personal/	Trust: 0.1
url:	http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org	Trust: 0.1
url:	http://secunia.com/advisories/about_secunia_advisories/	Trust: 0.1

CREDITS

Mateusz Jurczyk of the Google Security Team

Trust: 0.3

sources: BID: 55005

SOURCES

db:	VULHUB	id:	VHN-55332
db:	VULMON	id:	CVE-2012-2051
db:	BID	id:	55005
db:	JVNDB	id:	JVNDB-2012-003634
db:	PACKETSTORM	id:	122930
db:	PACKETSTORM	id:	115524
db:	CNNVD	id:	CNNVD-201208-245
db:	NVD	id:	CVE-2012-2051

LAST UPDATE DATE

2024-11-23T20:17:24.508000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-55332	date:	2017-09-19T00:00:00
db:	VULMON	id:	CVE-2012-2051	date:	2017-09-19T00:00:00
db:	BID	id:	55005	date:	2013-08-26T00:16:00
db:	JVNDB	id:	JVNDB-2012-003634	date:	2012-08-21T00:00:00
db:	CNNVD	id:	CNNVD-201208-245	date:	2012-08-16T00:00:00
db:	NVD	id:	CVE-2012-2051	date:	2024-11-21T01:38:23.500

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-55332	date:	2012-08-15T00:00:00
db:	VULMON	id:	CVE-2012-2051	date:	2012-08-15T00:00:00
db:	BID	id:	55005	date:	2012-08-14T00:00:00
db:	JVNDB	id:	JVNDB-2012-003634	date:	2012-08-17T00:00:00
db:	PACKETSTORM	id:	122930	date:	2013-08-23T06:29:02
db:	PACKETSTORM	id:	115524	date:	2012-08-14T04:36:45
db:	CNNVD	id:	CNNVD-201208-245	date:	2012-08-16T00:00:00
db:	NVD	id:	CVE-2012-2051	date:	2012-08-15T10:31:41.053