ESB-2016.0624 - [Win][OSX] Adobe Acrobat and Reader: Execute arbitrary code/commands - Remote with user interaction

Date: 09 March 2016

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2016.0624
          Security Updates Available for Adobe Acrobat and Reader
                               9 March 2016

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           Adobe Acrobat
                   Adobe Reader
Publisher:         Adobe
Operating System:  Windows
                   OS X
Impact/Access:     Execute Arbitrary Code/Commands -- Remote with User Interaction
Resolution:        Patch/Upgrade
CVE Names:         CVE-2016-1009 CVE-2016-1008 CVE-2016-1007

Original Bulletin: 
   https://helpx.adobe.com/security/products/acrobat/apsb16-09.html

- --------------------------BEGIN INCLUDED TEXT--------------------

Adobe Security Bulletin

Security Updates Available for Adobe Acrobat and Reader

Release date: March 3, 2016

Last updated: March 8, 2016

Vulnerability identifier: APSB16-09

Priority: 2

CVE Numbers: CVE-2016-1007, CVE-2016-1008, CVE-2016-1009

Platform: Windows and Macintosh

Summary

Adobe has released security updates for Adobe Acrobat and Reader for Windows 
and Macintosh. These updates address critical vulnerabilities that could 
potentially allow an attacker to take control of the affected system.

Affected Versions

Product            Track       Affected Versions                  Platform
Acrobat DC         Continuous  15.010.20059 and earlier versions  Windows and Macintosh
Acrobat Reader DC  Continuous  15.010.20059 and earlier versions  Windows and Macintosh
Acrobat DC         Classic     15.006.30119 and earlier versions  Windows and Macintosh
Acrobat Reader DC  Classic     15.006.30119 and earlier versions  Windows and Macintosh
Acrobat XI         Desktop     11.0.14 and earlier versions       Windows and Macintosh
Reader XI          Desktop     11.0.14 and earlier versions       Windows and Macintosh

For questions regarding Acrobat DC, please visit the Acrobat DC FAQ page. For
questions regarding Acrobat Reader DC, please visit the Acrobat Reader DC FAQ
page.

Solution

Adobe recommends users update their software installations to the latest 
versions by following the instructions below.

The latest product versions are available to end users via one of the 
following methods:

Users can update their product installations manually by choosing Help > Check
for Updates.

The products will update automatically, without requiring user intervention, 
when updates are detected.

The full Acrobat Reader installer can be downloaded from the Acrobat Reader 
Download Center.

For IT administrators (managed environments):

Download the enterprise installers from ftp://ftp.adobe.com/pub/adobe/, or 
refer to the specific release note version for links to installers.

Install updates via your preferred methodology, such as AIP-GPO, bootstrapper,
SCUP/SCCM (Windows), or on Macintosh, Apple Remote Desktop and SSH.

Product            Track       Updated Versions  Platform               Priority rating  Availability
Acrobat DC         Continuous  15.010.20060      Windows and Macintosh  2                Windows, Macintosh
Acrobat Reader DC  Continuous  15.010.20060      Windows and Macintosh  2                Download Center
Acrobat DC         Classic     15.006.30121      Windows and Macintosh  2                Windows, Macintosh
Acrobat Reader DC  Classic     15.006.30121      Windows and Macintosh  2                Windows, Macintosh
Acrobat XI         Desktop     11.0.15           Windows and Macintosh  2                Windows, Macintosh
Reader XI          Desktop     11.0.15           Windows and Macintosh  2                Windows, Macintosh

(The Availability entries are installer download links in the original Adobe bulletin.)

Vulnerability Details

These updates resolve memory corruption vulnerabilities that could lead to 
code execution (CVE-2016-1007, CVE-2016-1009).

These updates resolve a vulnerability in the directory search path used to 
find resources that could lead to code execution (CVE-2016-1008).
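The bulletin gives no detail of the CVE-2016-1008 search path beyond the sentence above, so the following is a generic illustration of that bug class and its fix, added here as an example; it is not Adobe's code and does not reproduce the actual Adobe defect. A lookup that walks directories in order and takes the first match is hijackable when any directory ahead of the trusted one is attacker-writable (the folder a user saved a document to, for instance). The hardened lookup accepts only a bare file name and resolves it under a single trusted directory. The resource name `helper.dat` and the temporary directories are constructed for the demonstration.

```python
"""Resource search-path hijack (vulnerable lookup) beside a hardened lookup.

Added example, not Adobe's code: it models the bug class named for
CVE-2016-1008 in general terms, not the specific Adobe defect, whose details the
bulletin does not give. RESOURCE and the directories built in demo() are
constructed for the demonstration.
"""
from __future__ import annotations

import os
import tempfile
from pathlib import Path

RESOURCE = "helper.dat"  # hypothetical resource the application loads by bare name


def find_resource_unsafe(name: str, search_path: list[Path]) -> Path | None:
    """Vulnerable pattern: first hit wins, and the search order starts with a
    user-writable directory, so a planted file shadows the genuine one."""
    for directory in search_path:
        candidate = directory / name
        if candidate.is_file():
            return candidate
    return None


def is_bare_name(name: str) -> bool:
    """True only for a plain file name: not empty, no '.'/'..', no separators."""
    if not name or name in (".", ".."):
        return False
    if os.sep in name or (os.altsep and os.altsep in name):
        return False
    return Path(name).name == name


def find_resource_safe(name: str, trusted_dir: Path) -> Path | None:
    """Hardened pattern: reject anything but a bare name, resolve it under one
    trusted (non-user-writable) directory, and refuse a result that escapes
    that directory through a symlink."""
    if not is_bare_name(name):
        raise ValueError(f"refusing resource name {name!r}")
    root = trusted_dir.resolve()
    candidate = (root / name).resolve()
    if candidate.parent != root:
        return None  # symlink pointed outside the trusted directory
    return candidate if candidate.is_file() else None


def demo() -> tuple[str, str]:
    """Build an install directory holding the genuine resource and a download
    directory holding a planted look-alike; return what each lookup loads."""
    with tempfile.TemporaryDirectory() as tmp:
        install_dir = Path(tmp, "app")        # stands in for the program directory
        downloads = Path(tmp, "downloads")    # stands in for the user's document folder / CWD
        install_dir.mkdir()
        downloads.mkdir()
        (install_dir / RESOURCE).write_text("genuine")
        (downloads / RESOURCE).write_text("planted")  # attacker-controlled file next to a document

        unsafe = find_resource_unsafe(RESOURCE, [downloads, install_dir])
        safe = find_resource_safe(RESOURCE, install_dir)
        return unsafe.read_text(), safe.read_text()


if __name__ == "__main__":
    loaded_unsafe, loaded_safe = demo()
    print("unsafe lookup loaded:", loaded_unsafe)  # planted
    print("safe lookup loaded:  ", loaded_safe)    # genuine
```

The same shape applies to native library loading on Windows, where the equivalent hardening is to load by absolute path or restrict the DLL search to system and application directories rather than the current directory; the point of the demo is that the search order, not the file name, decides who controls the loaded code.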

Acknowledgements

Adobe would like to thank the following individuals and organizations for 
reporting the relevant issues and for working with Adobe to help protect our 
customers:

AbdulAziz Hariri of HPE's Zero Day Initiative (CVE-2016-1007)

AbdulAziz Hariri and Jasiel Spelman of HPE's Zero Day Initiative 
(CVE-2016-1008)

Jaanus Kp of Clarified Security, working with HPE's Zero Day Initiative 
(CVE-2016-1009)

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
-----END PGP SIGNATURE-----