Adobe Acrobat and Reader "authplay.dll" Code Execution Vulnerability

Last Update Date: 18 Apr 2011 Release Date: 13 Apr 2011 5481 Views

RISK: Extremely High Risk

Extremely High Risk

TYPE: Clients - Productivity Products

TYPE: Productivity Products

A vulnerability has been identified in Adobe Acrobat and Reader, which could be exploited by remote attackers to execute arbitrary code. This issue is caused by a memory corruption error in the "authplay.dll" module when processing malformed Flash content within a PDF document, which could be exploited by attackers to compromise a vulnerable system by tricking a user into opening a specially crafted PDF file.

This vulnerability is exploited in the wild.

Impact

  • Remote Code Execution

System / Technologies affected

  • Adobe Acrobat X version 10.0.2 and prior
  • Adobe Acrobat version 9.4.3 and prior
  • Adobe Reader X version 10.0.2 and prior
  • Adobe Reader version 9.4.3 and prior
     

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

  • It is expected that an update for Adobe Acrobat X (10.0.2) and earlier 10.x and 9.x versions for Windows and Macintosh, Adobe Reader X (10.0.1) for Macintosh, and Adobe Reader 9.4.3 and earlier 9.x versions for Windows and Macintosh will be available no later than the week of April 25, 2011.

Vulnerability Identifier

Source

Related Link

Share with

Previous

Adobe Flash Player Content Processing Code Execution Vulnerability

13 Apr 2011 5260 Views

Next

Google Chrome Flash Content Processing Code Execution Vulnerability

13 Apr 2011 5227 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY