Daily Vuln Watch Japan

Scull

ソフト名：Adobe Acrobat 3D 8.3/8 Professional/8.3以下/9.4.5以下/X 10.1以下, Adobe Reader 8.3以下/9.4.5以下/X 10.1以下 (Adobe Flash Player 10.3.185.25以下(Android)/10.3.181.36以下(Windows/Macintosh/Linux/Solaris))

回避策：apsb11-24にて対応

脆弱性：セキュリティ制限の回避, 機密情報の奪取, 権限の昇格, システムアクセス, バッファオーバーフロー, リモートコード実行, 不特定のエラー, メモリ破壊, 整数オーバーフローエラー, メモリ内容の曝露, 解放後使用エラー

ソース：

http://www.adobe.com/products/acrobatpro.html

http://www.adobe.com/products/acrobat.html

http://www.adobe.com/products/reader.html

http://www.adobe.com/support/security/bulletins/apsb11-24.html

https://labs.idefense.com/verisign/intelligence/2009/vulnerabilities/display.php?id=940

http://secunia.com/advisories/45583/

http://secunia.com/advisories/45978/

http://dvw-j.blogspot.com/2011/08/adobe-air-adobe-flash-player-google.html

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1353

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2130

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2134

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2135

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2136

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2137

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2138

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2139

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2140

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2414

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2415

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2416

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2417

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2424

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2425

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2431

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2432

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2433

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2434

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2435

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2436

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2437

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2438

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2439

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2440

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2441

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2442

CVE：CVE-2011-1353, CVE-2011-2130, CVE-2011-2134, CVE-2011-2135, CVE-2011-2136, CVE-2011-2137, CVE-2011-2138, CVE-2011-2139, CVE-2011-2140, CVE-2011-2414, CVE-2011-2415, CVE-2011-2416, CVE-2011-2417, CVE-2011-2424, CVE-2011-2425, CVE-2011-2431, CVE-2011-2432, CVE-2011-2433, CVE-2011-2434, CVE-2011-2435, CVE-2011-2436, CVE-2011-2437, CVE-2011-2438, CVE-2011-2439, CVE-2011-2440, CVE-2011-2441, CVE-2011-2442

危険性：High Risk

Scull

ソフト名：Adobe Acrobat 8.2.6以下/8.2.6 Professional以下/3D 8.2.6以下/9.4.4以下/X 10.0.3以下, Adobe Reader 8.2.6以下/9.4.4以下/X 10.0.1以下(Windows)/X 10.0.3以下(Macintosh)

回避策：APSB11-16にて対応

脆弱性：セキュリティ制限の回避, XSS, 機密情報の奪取, システムアクセス, バッファオーバーフロー, 整数オーバーフロー, メモリ破壊, 不特定のエラー, 不正ライブラリのロード, キャッシュ汚染, スクリプトコード実行

ソース：http://www.adobe.com/products/acrobatpro.html

http://www.adobe.com/products/acrobat.html

http://www.adobe.com/products/reader.html

http://www.adobe.com/support/security/bulletins/apsb11-16.html

http://secunia.com/secunia_research/2011-41/

http://www.zerodayinitiative.com/advisories/ZDI-11-218/

http://www.zerodayinitiative.com/advisories/ZDI-11-219/

http://www.kb.cert.org/vuls/id/264729

http://secunia.com/advisories/43269/

http://secunia.com/advisories/44590/

http://secunia.com/advisories/44846/

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0579

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0618

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0619

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0620

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0621

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0622

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0623

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0624

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0625

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0626

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0627

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0628

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2094

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2095

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2096

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2097

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2098

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2099

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2100

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2101

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2102

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2103

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2104

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2105

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2106

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2107

CVE：CVE-2011-0579, CVE-2011-0618, CVE-2011-0619, CVE-2011-0620, CVE-2011-0621, CVE-2011-0622, CVE-2011-0623, CVE-2011-0624, CVE-2011-0625, CVE-2011-0626, CVE-2011-0627, CVE-2011-0628, CVE-2011-2094, CVE-2011-2095, CVE-2011-2096, CVE-2011-2097, CVE-2011-2098, CVE-2011-2099, CVE-2011-2100, CVE-2011-2101, CVE-2011-2102, CVE-2011-2103, CVE-2011-2104, CVE-2011-2105, CVE-2011-2106, CVE-2011-2107

危険性：High Risk

Scull

ソフト名：Adobe Flash Player 10.2.153.1以下 (Windows, Macintosh, Linux, Solaris)/10.2.154.25以下 (Chrome)/10.2.156.12以下 (Android), Adobe Acrobat 9.x/X 10.0.2以下 (Windows, Macintosh), Adobe Reader 9.x/X 10.0.2以下 (Windows, Macintosh), Google Chrome 10.x

回避策：未対応

脆弱性：システムアクセス, 未特定のエラー, リモートコード実行, Word文書(.doc)の悪用

ソース：http://www.adobe.com/products/flashplayer/

http://www.adobe.com/products/acrobat.html

http://www.adobe.com/products/reader.html

http://www.google.co.jp/chrome/intl/ja/landing_ff.html

http://www.adobe.com/support/security/advisories/apsa11-02.html

http://blogs.adobe.com/psirt/2011/04/security-advisory-for-adobe-flash-player-adobe-reader-and-acrobat-apsa11-02.html

http://contagiodump.blogspot.com/2011/04/apr-8-cve-2011-0611-flash-player-zero.html

http://secunia.com/advisories/44119/

http://secunia.com/advisories/44141/

http://secunia.com/advisories/44149/

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0611

CVE：CVE-2011-0611

危険性：High Risk

Scull

ソフト名：Adobe Flash Player 10.2.152.33以下 (Windows, Macintosh, Linux, Solaris)/10.2.154.18以下 (Chrome)/10.1.106.16以下 (Android), Adobe Acrobat 9.x/X 10.0.1以下, Adobe Reader 9.x/X 10.0.1以下, Google Chrome 10.x
回避策：未対応
脆弱性：システムアクセス, 未特定のエラー, リモートコード実行
ソース：http://www.adobe.com/products/flashplayer/
http://www.adobe.com/products/acrobat.html
http://www.adobe.com/products/reader.html
http://www.google.co.jp/chrome/intl/ja/landing_ch.html
http://www.adobe.com/support/security/advisories/apsa11-01.html
http://secunia.com/advisories/43751/
http://secunia.com/advisories/43757/
http://secunia.com/advisories/43772/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0609
CVE：CVE-2011-0609
危険性：High Risk

Scull

Scull

ソフト名：Adobe Acrobat 9.0～9.4, Adobe Flash Player 10.1.85.3/10.1.95.2, Adobe Reader 9.0～9.4
回避策：APSA10-05にて対応
脆弱性：リモートコード実行, 権限の昇格, メモリ破壊
ソース：http://www.adobe.com/support/security/advisories/apsa10-05.html
http://www.securityfocus.com/bid/44504
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3654
http://secunia.com/advisories/41917
http://secunia.com/advisories/42030
http://secunia.com/advisories/42031
http://www.kb.cert.org/vuls/id/298081
http://www.vupen.com/english/advisories/2010/2810
http://www.vupen.com/english/advisories/2010/2811
CVE：CVE-2010-3654
危険性：High Risk

Scull

Scull

ソフト名：Adobe Acrobat 8.0～9.3.4（Standard, Professional）, Adobe Flash Player 10.1.82.76/10.1.92.10, Adobe Reader 8.0～9.3.4
回避策：未対応
脆弱性：リモートコード実行, 不特定のエラー, 権限の昇格, メモリ破壊
ソース：http://blogs.adobe.com/psirt/2010/09/security-advisory-for-adobe-flash-player-apsa10-03.html
http://www.adobe.com/support/security/advisories/apsa10-03.html
http://www.google.com/chrome/intl/ja/landing.html?hl=ja
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2884
http://secunia.com/advisories/41434
http://secunia.com/advisories/41435
http://secunia.com/advisories/41443
http://www.vupen.com/english/advisories/2010/2348
http://www.vupen.com/english/advisories/2010/2349
CVE：CVE-2010-2884
危険性：High Risk

Scull

ソフト名：Adobe Acrobat 6.0～9.3.3（Professional）, Adobe Reader 6.0～9.3.3
回避策：未対応
脆弱性：セキュリティの強度不足
ソース：http://pdfsig-collision.florz.de/
http://www.securityfocus.com/bid/42377
危険性：Low Risk

Scull

ソフト名：Adobe Acrobat 9.3.3, Adobe Reader 8.2.3/9.3.3
回避策：APSB10-17にて対応
脆弱性：整数オーバーフロー, リモートコード実行, アプリケーションのクラッシュ
ソース：http://www.adobe.com/
http://www.adobe.com/support/security/bulletins/apsb10-17.html
http://securityevaluators.com/files/papers/CrashAnalysis.pdf
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2862
http://secunia.com/advisories/40766
http://www.vupen.com/english/advisories/2010/2004
CVE：CVE-2010-2862
危険性：High Risk

Scull

Scull

ソフト名：Adobe Acrobat 9.0 Standard/9.1 Standard, Adobe Acrobat 9.0～9.3.2, Adobe Flash Player 10.0.45.2, Adobe Reader 9.0～9.3.2
回避策：未対応
脆弱性：リモートコード実行, 権限の昇格
ソース：http://www.adobe.com/support/security/advisories/apsa10-01.html
http://www.iss.net/threats/369.html
http://www.securityfocus.com/bid/40586
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1297
http://secunia.com/advisories/40026
http://secunia.com/advisories/40034
http://www.vupen.com/english/advisories/2010/1348
http://www.vupen.com/english/advisories/2010/1349
CVE：CVE-2010-1297
危険性：High Risk

Kouji

ソフト名：Adobe Acrobat 8.0～9.2, Adobe Reader 8.0～9.2
回避策：パッチのインストール（APSB10-02）
脆弱性：バッファオーバーフロー, リモートコード実行, ブラウザのクラッシュ
ソース：http://www.adobe.com/support/security/bulletins/apsb10-02.html
http://www.zerodayinitiative.com/advisories/ZDI-10-077/
http://www.securityfocus.com/bid/39615
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1278
CVE：CVE-2010-1278
危険性：High Risk

Scull

Scull

ソフト名：Adobe Acrobat/Reader 9.0
回避策：あり
脆弱性：未知の脆弱性
ソース：http://www.adobe.com/support/security/bulletins/apsb10-07.html
CVE：CVE-2010-0188
危険性：High Risk

Daily Vuln Watch Japan

2011-09-16

Adobe Acrobat, Adobe Reader

2011-06-17

Adobe Acrobat, Adobe Reader

2011-04-13

Adobe Flash Player, Adobe Acrobat, Adobe Reader, Google Chrome

2011-03-16

Adobe Flash Player, Adobe Acrobat, Adobe Reader, Google Chrome

2011-02-11

Adobe Flash Player, Adobe Acrobat, Adobe Reader, Red Hat Enterprise Linux

2010-11-03

Adobe Acrobat, Adobe Flash Player, Adobe Reader

2010-10-08

Adobe Acrobat, Adobe Reader

2010-09-17

Adobe Acrobat, Adobe Flash Player, Adobe Reader

2010-08-18

Adobe Acrobat, Adobe Reader

2010-08-06

Adobe Acrobat, Adobe Reader

2010-06-30

Adobe Acrobat, Adobe Reader

2010-06-08

Adobe Acrobat Standard, Adobe Acrobat, Adobe Flash Player, Adobe Reader

2010-04-24

Adobe Acrobat, Adobe Reader

2010-04-16

Adobe Acrobat, Adobe Reader

2010-02-17

Adobe Acrobat/Reader

Calendar

このブログを検索

ブログアーカイブ

Blogram投票ボタン

グーバーウォーク

参加ユーザー

JVNRSS Feed - Update Entry

ラベル

2011-09-16

2011-06-17

2011-04-13

2011-03-16

2011-02-11

2010-11-03

2010-10-08

2010-09-17

2010-08-18

2010-08-06

2010-06-30

2010-06-08

2010-04-24

2010-04-16

2010-02-17

Calendar

このブログを検索

ブログ アーカイブ

Blogram投票ボタン

グーバーウォーク

参加ユーザー

JVNRSS Feed - Update Entry

ラベル

ブログアーカイブ