Arbitrary code execution vulnerability in Adobe Reader (Mac OSX) (VI)ID: oval:org.secpod.oval:def:2086 | Date: (C)2011-08-31 (M)2023-11-26 |
Class: VULNERABILITY | Family: macos |
The host is installed with Adobe Reader 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 and is prone to arbitrary code execution vulnerability. A flaw is present in U3D component, which fails to properly validate Parent Node count that calculates the size of an allocation. The result of this size calculation can be wrapped to an unexpectedly small and insufficient value causing buffer-out-of-bound condition. Successful exploitation allows remote attackers to execute arbitrary code under the context of the application.
Platform: |
Apple Mac OS 14 |
Apple Mac OS 13 |
Apple Mac OS 12 |
Apple Mac OS 11 |
Apple Mac OS X 10.15 |
Apple Mac OS X 10.14 |
Apple Mac OS X 10.13 |
Apple Mac OS X 10.8 |
Apple Mac OS X 10.9 |
Apple Mac OS X 10.10 |
Apple Mac OS X 10.11 |
Apple Mac OS X 10.12 |
Apple Mac OS X Server 10.8 |
Apple Mac OS X Server 10.9 |
Apple Mac OS X Server 10.10 |
Apple Mac OS X Server 10.11 |
Apple Mac OS X Server 10.12 |