Bug 848183 (CVE-2012-1525, CVE-2012-2049, CVE-2012-2050, CVE-2012-2051, CVE-2012-4147, CVE-2012-4148, CVE-2012-4149, CVE-2012-4150, CVE-2012-4151, CVE-2012-4152, CVE-2012-4153, CVE-2012-4154, CVE-2012-4155, CVE-2012-4156, CVE-2012-4157, CVE-2012-4158, CVE-2012-4159, CVE-2012-4160) - acroread: multiple code execution flaw (APSB12-16)
Summary: acroread: multiple code execution flaw (APSB12-16)
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: CVE-2012-1525, CVE-2012-2049, CVE-2012-2050, CVE-2012-2051, CVE-2012-4147, CVE-2012-4148, CVE-2012-4149, CVE-2012-4150, CVE-2012-4151, CVE-2012-4152, CVE-2012-4153, CVE-2012-4154, CVE-2012-4155, CVE-2012-4156, CVE-2012-4157, CVE-2012-4158, CVE-2012-4159, CVE-2012-4160
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
urgent
urgent
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks: 848188
TreeView+ depends on / blocked
 
Reported: 2012-08-14 20:36 UTC by Vincent Danen
Modified: 2021-02-23 14:08 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2013-01-24 10:06:04 UTC
Embargoed:

Attachments (Terms of Use)

Description Vincent Danen 2012-08-14 20:36:52 UTC 
Adobe security bulletin APSB12-16 describes numerous security flaws that can lead to arbitrary code exection in Adobe Reader:

These updates resolve a stack overflow vulnerability that could lead to code execution (CVE-2012-2049).

These updates resolve a buffer overflow vulnerability that could lead to code execution (CVE-2012-2050).

These updates resolve memory corruption vulnerabilities that could lead to code execution (CVE-2012-2051, CVE-2012-4147, CVE-2012-4148, CVE-2012-4149, CVE-2012-4150, CVE-2012-4151, CVE-2012-4152, CVE-2012-4153, CVE-2012-4154, CVE-2012-4155, CVE-2012-4156, CVE-2012-4157, CVE-2012-4158, CVE-2012-4159, CVE-2012-4160).

These updates resolve a heap overflow vulnerability that could lead to code execution (CVE-2012-1525).

These updates resolve a memory corruption vulnerability that could lead to code execution (CVE-2012-4161) (Macintosh only).

These updates resolve a memory corruption vulnerability that could lead to code execution (CVE-2012-4162) (Macintosh only).

Two of these flaws are mac-only, however the bulletin does not describe whether or not the Linux/UNIX builds of 9.x are affected or not.  I've sent an email to PSIRT to confirm whether or not the Linux version is vulnerable to these issues.

External References:

http://www.adobe.com/support/security/bulletins/apsb12-16.html
Comment 2 Vincent Danen 2012-08-16 15:18:32 UTC 
Adobe has indicated that the next Adobe Reader for Linux will not be available for some time yet.  As we cannot patch Reader in any way, we are constrained by the vendor's release schedule and as such will release updates as soon as they are made generally available.
Comment 3 Vincent Danen 2012-08-16 15:24:06 UTC 
Also refer to:

http://blogs.adobe.com/asset/2011/06/notes-on-adobe-reader-and-acrobat-10-1.html

Specifically the "Support Model Change for Adobe Reader for Linux" which describes that Adobe will only release Reader for Linux updates twice a year (or every other quarterly release).
Comment 4 Tomas Hoger 2012-08-17 08:02:10 UTC 
http://gynvael.coldwind.pl/?id=483
Comment 5 Tomas Hoger 2013-01-24 10:06:04 UTC 
The acroread packages in Red Hat Enterprise Linux 5 and 6 Supplementary were updated to the latest upstream version 9.5.3 via RHSA-2013:0150:

https://rhn.redhat.com/errata/RHSA-2013-0150.html

According to the Adobe blog post linked in comment #3, this update should contain fixes for all known security issues fixed in previous updates that only provided new Adobe Reader versions for Windows and Macintosh platforms.

Even though upstream bulletin APSB12-16 did not get updated by Adobe to list Linux version 9.5.3 as fixing listed security issues, previous upstream statements indicate that should be assumed.  Hence closing this.
Note You need to log in before you can comment on or make changes to this bug.