CVE-2011-0562

Untrusted search path vulnerability in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows allows local users to gain privileges via a Trojan horse DLL in the current working directory, a different vulnerability than CVE-2011-0570 and CVE-2011-0588.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.9 UNKNOWN
LOCAL
MEDIUM
AV:L/AC:M/Au:N/C:C/I:C/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 26%
Affected Products (NVD)
VendorProductVersion
adobeacrobat_reader
8.0
adobeacrobat_reader
8.1
adobeacrobat_reader
8.1.1
adobeacrobat_reader
8.1.2
adobeacrobat_reader
8.1.4
adobeacrobat_reader
8.1.5
adobeacrobat_reader
8.1.6
adobeacrobat_reader
8.1.7
adobeacrobat_reader
8.2
adobeacrobat_reader
8.2.1
adobeacrobat_reader
8.2.2
adobeacrobat_reader
8.2.3
adobeacrobat_reader
8.2.4
adobeacrobat_reader
9.0
adobeacrobat_reader
9.1
adobeacrobat_reader
9.1.1
adobeacrobat_reader
9.1.2
adobeacrobat_reader
9.1.3
adobeacrobat_reader
9.2
adobeacrobat_reader
9.3
adobeacrobat_reader
9.3.1
adobeacrobat_reader
9.3.2
adobeacrobat_reader
9.3.3
adobeacrobat_reader
9.3.4
adobeacrobat_reader
9.4
adobeacrobat_reader
9.4.1
adobeacrobat_reader
10.0
adobeacrobat
8.0
adobeacrobat
8.1
adobeacrobat
8.1.1
adobeacrobat
8.1.2
adobeacrobat
8.1.3
adobeacrobat
8.1.4
adobeacrobat
8.1.5
adobeacrobat
8.1.6
adobeacrobat
8.1.7
adobeacrobat
8.2
adobeacrobat
8.2.1
adobeacrobat
8.2.2
adobeacrobat
8.2.3
adobeacrobat
8.2.4
adobeacrobat
9.0
adobeacrobat
9.1
adobeacrobat
9.1.1
adobeacrobat
9.1.2
adobeacrobat
9.1.3
adobeacrobat
9.2
adobeacrobat
9.3
adobeacrobat
9.3.1
adobeacrobat
9.3.2
adobeacrobat
9.3.3
adobeacrobat
9.3.4
adobeacrobat
9.4
adobeacrobat
9.4.1
adobeacrobat
10.0
𝑥
= Vulnerable software versions
Red Hat logo
Red Hat Enterprise Linux Releases
Red Hat Product
Release
acroread
RHEL 6
0:9.4.2-3.el6_0
fixed
acroread-plugin
RHEL 6
0:9.4.2-3.el6_0
fixed
References
http://secunia.com/advisories/43470
http://www.acrossecurity.com/aspr/ASPR-2011-02-11-1-PUB.txt
http://www.adobe.com/support/security/bulletins/apsb11-03.html
http://www.redhat.com/support/errata/RHSA-2011-0301.html
http://www.securityfocus.com/archive/1/516399/100/0/threaded
http://www.securityfocus.com/bid/46252
http://www.securitytracker.com/id?1025033
http://www.vupen.com/english/advisories/2011/0337
http://www.vupen.com/english/advisories/2011/0492
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12555
http://secunia.com/advisories/43470
http://www.acrossecurity.com/aspr/ASPR-2011-02-11-1-PUB.txt
http://www.adobe.com/support/security/bulletins/apsb11-03.html
http://www.redhat.com/support/errata/RHSA-2011-0301.html
http://www.securityfocus.com/archive/1/516399/100/0/threaded
http://www.securityfocus.com/bid/46252
http://www.securitytracker.com/id?1025033
http://www.vupen.com/english/advisories/2011/0337
http://www.vupen.com/english/advisories/2011/0492
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12555