CVE-2012-0777 — MEDIUM (6.8)

Q: How severe is CVE-2012-0777?

CVE-2012-0777 has been rated MEDIUM with a CVSS base score of 6.8/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2012-0777?

Check the references section above for vendor advisories and patch information. Affected products include: Adobe Acrobat Reader, Apple Mac Os X, Linux Linux Kernel, Adobe Acrobat.

Vulnerability Description

The JavaScript API in Adobe Reader and Acrobat 9.x before 9.5.1 and 10.x before 10.1.3 on Mac OS X and Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

CVSS Score

6.8

MEDIUM

AV:N/AC:M/Au:N/C:P/I:P/A:P

Confidentiality

PARTIAL

Integrity

PARTIAL

Availability

PARTIAL

Affected Products

Vendor	Product	Versions
Adobe	Acrobat Reader	>= 9.0, < 9.5.1
Apple	Mac Os X	-
Linux	Linux Kernel	-
Adobe	Acrobat	>= 9.0, < 9.5.1

Related Weaknesses (CWE)

CWE-119

References

http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00013.htmlBroken LinkMailing ListThird Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00016.htmlBroken LinkMailing ListThird Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00017.htmlBroken LinkMailing ListThird Party Advisory
http://rhn.redhat.com/errata/RHSA-2012-0469.htmlThird Party Advisory
http://secunia.com/advisories/48756Broken Link
http://secunia.com/advisories/48846Broken Link
http://www.adobe.com/support/security/bulletins/apsb12-08.htmlVendor Advisory
http://www.securityfocus.com/bid/52950Broken LinkThird Party AdvisoryVDB Entry
http://www.securitytracker.com/id?1026908Broken LinkThird Party AdvisoryVDB Entry
http://www.us-cert.gov/cas/techalerts/TA12-101B.htmlMitigationThird Party AdvisoryUS Government Resource
https://exchange.xforce.ibmcloud.com/vulnerabilities/74735Third Party AdvisoryVDB Entry
http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00013.htmlBroken LinkMailing ListThird Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00016.htmlBroken LinkMailing ListThird Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00017.htmlBroken LinkMailing ListThird Party Advisory
http://rhn.redhat.com/errata/RHSA-2012-0469.htmlThird Party Advisory

FAQ

What is CVE-2012-0777?

CVE-2012-0777 is a vulnerability with a CVSS score of 6.8 (MEDIUM). The JavaScript API in Adobe Reader and Acrobat 9.x before 9.5.1 and 10.x before 10.1.3 on Mac OS X and Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption)...

How severe is CVE-2012-0777?

CVE-2012-0777 has been rated MEDIUM with a CVSS base score of 6.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2012-0777?

Check the references section above for vendor advisories and patch information. Affected products include: Adobe Acrobat Reader, Apple Mac Os X, Linux Linux Kernel, Adobe Acrobat.