Adobe Acrobat and Reader CLOD Mesh Declaration Block Heap Buffer Overflow Vulnerability

Adobe Acrobat and Reader are prone to a heap-based buffer-overflow vulnerability because they fail to properly validate user-supplied input.

Attackers can exploit this issue to execute arbitrary code in the context of the user running the application. Failed exploit attempts will result in a denial of service.

The following products are affected:

Adobe Reader 9.3.1 and prior for Windows, Macintosh, and UNIX
Adobe Acrobat 9.3.1 and prior for Windows and Macintosh
Adobe Reader 8.2.1 and prior for Windows and Macintosh
Acrobat 8.2.1 and prior for Windows and Macintosh

Note: This vulnerability was previously documented in BID 39329 (Adobe Acrobat and Reader April 2010 Multiple Remote Vulnerabilities) but has been given its own record to better document the issue.


Privacy Statement
Copyright 2010, SecurityFocus