SUSE-SU-2012:0524-1: important: Security update for Acrobat Reader

sle-security-updates at lists.suse.com sle-security-updates at lists.suse.com
Wed Apr 18 11:08:30 MDT 2012


   SUSE Security Update: Security update for Acrobat Reader
______________________________________________________________________________

Announcement ID:    SUSE-SU-2012:0524-1
Rating:             important
References:         #756574 
Cross-References:   CVE-2012-0774 CVE-2012-0775 CVE-2012-0777
                   
Affected Products:
                    SUSE Linux Enterprise Desktop 10 SP4
______________________________________________________________________________

   An update that fixes three vulnerabilities is now
   available. It includes two new package versions.

Description:


   The Acrobat Reader has been updated to version 9.5.1 to fix
   the following  issues:

   * CVE-2012-0774: crafted fonts inside PDFs could allow
   attackers to cause an integer overflow, resulting in the
   possibility of arbitrary code execution
   * CVE-2012-0775, CVE-2012-0777: an issue in acroread's
   javascript API could allowattackers to cause a denial of
   service or potentially execute arbitrary code

   Security Issue references:

   * CVE-2012-0774
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0774
   >
   * CVE-2012-0775
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0775
   >
   * CVE-2012-0777
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0777
   >



Package List:

   - SUSE Linux Enterprise Desktop 10 SP4 (noarch) [New Version: 9.4.6]:

      acroread-cmaps-9.4.6-0.6.1
      acroread-fonts-ja-9.4.6-0.6.1
      acroread-fonts-ko-9.4.6-0.6.1
      acroread-fonts-zh_CN-9.4.6-0.6.1
      acroread-fonts-zh_TW-9.4.6-0.6.1

   - SUSE Linux Enterprise Desktop 10 SP4 (i586) [New Version: 9.5.1]:

      acroread-9.5.1-0.6.1


References:

   http://support.novell.com/security/cve/CVE-2012-0774.html
   http://support.novell.com/security/cve/CVE-2012-0775.html
   http://support.novell.com/security/cve/CVE-2012-0777.html
   https://bugzilla.novell.com/756574
   http://download.novell.com/patch/finder/?keywords=e0a6a6c45c73e49ff30a650d740a24d0



More information about the sle-security-updates mailing list