What is the severity of CVE-2011-0570?

CVE-2011-0570 is classified as a critical severity vulnerability due to its potential for privilege escalation.

How do I fix CVE-2011-0570?

To remediate CVE-2011-0570, users should upgrade to Adobe Reader and Acrobat versions 10.0.1, 9.4.2, or 8.2.6 or later.

Who is affected by CVE-2011-0570?

CVE-2011-0570 affects Adobe Reader and Acrobat versions prior to 10.0.1, 9.4.2, and 8.2.6 on Windows systems.

What type of vulnerability is CVE-2011-0570?

CVE-2011-0570 is an untrusted search path vulnerability that allows local users to exploit a Trojan horse DLL.

Can I mitigate CVE-2011-0570 if I cannot update immediately?

Mitigation for CVE-2011-0570 can be attempted by ensuring that untrusted DLLs are not placed in the current working directory.

Vulnerability/
CVE-2011-0570

medium

6.9

CWE

NVD-CWE-Other

10/2/2011

6/8/2024

CVE-2011-0570

First published: Thu Feb 10 2011(Updated: )

Untrusted search path vulnerability in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows allows local users to gain privileges via a Trojan horse DLL in the current working directory, a different vulnerability than CVE-2011-0562 and CVE-2011-0588.

Credit: psirt@adobe.com

Affected Software	Affected Version	How to fix
Adobe Acrobat Reader Notification Manager	=8.0
Adobe Acrobat Reader Notification Manager	=8.1
Adobe Acrobat Reader Notification Manager	=8.1.1
Adobe Acrobat Reader Notification Manager	=8.1.2
Adobe Acrobat Reader Notification Manager	=8.1.4
Adobe Acrobat Reader Notification Manager	=8.1.5
Adobe Acrobat Reader Notification Manager	=8.1.6
Adobe Acrobat Reader Notification Manager	=8.1.7
Adobe Acrobat Reader Notification Manager	=8.2
Adobe Acrobat Reader Notification Manager	=8.2.1
Adobe Acrobat Reader Notification Manager	=8.2.2
Adobe Acrobat Reader Notification Manager	=8.2.3
Adobe Acrobat Reader Notification Manager	=8.2.4
Adobe Acrobat Reader Notification Manager	=9.0
Adobe Acrobat Reader Notification Manager	=9.1
Adobe Acrobat Reader Notification Manager	=9.1.1
Adobe Acrobat Reader Notification Manager	=9.1.2
Adobe Acrobat Reader Notification Manager	=9.1.3
Adobe Acrobat Reader Notification Manager	=9.2
Adobe Acrobat Reader Notification Manager	=9.3
Adobe Acrobat Reader Notification Manager	=9.3.1
Adobe Acrobat Reader Notification Manager	=9.3.2
Adobe Acrobat Reader Notification Manager	=9.3.3
Adobe Acrobat Reader Notification Manager	=9.3.4
Adobe Acrobat Reader Notification Manager	=9.4
Adobe Acrobat Reader Notification Manager	=9.4.1
Adobe Acrobat Reader Notification Manager	=10.0
Microsoft Windows Operating System
Adobe Acrobat Reader	=8.0
Adobe Acrobat Reader	=8.1
Adobe Acrobat Reader	=8.1.1
Adobe Acrobat Reader	=8.1.2
Adobe Acrobat Reader	=8.1.3
Adobe Acrobat Reader	=8.1.4
Adobe Acrobat Reader	=8.1.5
Adobe Acrobat Reader	=8.1.6
Adobe Acrobat Reader	=8.1.7
Adobe Acrobat Reader	=8.2
Adobe Acrobat Reader	=8.2.1
Adobe Acrobat Reader	=8.2.2
Adobe Acrobat Reader	=8.2.3
Adobe Acrobat Reader	=8.2.4
Adobe Acrobat Reader	=9.0
Adobe Acrobat Reader	=9.1
Adobe Acrobat Reader	=9.1.1
Adobe Acrobat Reader	=9.1.2
Adobe Acrobat Reader	=9.1.3
Adobe Acrobat Reader	=9.2
Adobe Acrobat Reader	=9.3
Adobe Acrobat Reader	=9.3.1
Adobe Acrobat Reader	=9.3.2
Adobe Acrobat Reader	=9.3.3
Adobe Acrobat Reader	=9.3.4
Adobe Acrobat Reader	=9.4
Adobe Acrobat Reader	=9.4.1
Adobe Acrobat Reader	=10.0

Remedy

http://www.adobe.com/support/security/bulletins/apsb11-03.html

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2011-0570?
CVE-2011-0570 is classified as a critical severity vulnerability due to its potential for privilege escalation.
How do I fix CVE-2011-0570?
To remediate CVE-2011-0570, users should upgrade to Adobe Reader and Acrobat versions 10.0.1, 9.4.2, or 8.2.6 or later.
Who is affected by CVE-2011-0570?
CVE-2011-0570 affects Adobe Reader and Acrobat versions prior to 10.0.1, 9.4.2, and 8.2.6 on Windows systems.
What type of vulnerability is CVE-2011-0570?
CVE-2011-0570 is an untrusted search path vulnerability that allows local users to exploit a Trojan horse DLL.
Can I mitigate CVE-2011-0570 if I cannot update immediately?
Mitigation for CVE-2011-0570 can be attempted by ensuring that untrusted DLLs are not placed in the current working directory.

collector/nvd-historical
agent/references
agent/type
agent/severity
agent/weakness
agent/remedy
agent/author
agent/description
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/first-publish-date
agent/event
agent/source
agent/tags
agent/softwarecombine
collector/nvd-index
agent/software-canonical-lookup-request
vendor/adobe
canonical/adobe acrobat reader notification manager
version/adobe acrobat reader notification manager/8.0
version/adobe acrobat reader notification manager/8.1
version/adobe acrobat reader notification manager/8.1.1
version/adobe acrobat reader notification manager/8.1.2
version/adobe acrobat reader notification manager/8.1.4
version/adobe acrobat reader notification manager/8.1.5
version/adobe acrobat reader notification manager/8.1.6
version/adobe acrobat reader notification manager/8.1.7
version/adobe acrobat reader notification manager/8.2
version/adobe acrobat reader notification manager/8.2.1
version/adobe acrobat reader notification manager/8.2.2
version/adobe acrobat reader notification manager/8.2.3
version/adobe acrobat reader notification manager/8.2.4
version/adobe acrobat reader notification manager/9.0
version/adobe acrobat reader notification manager/9.1
version/adobe acrobat reader notification manager/9.1.1
version/adobe acrobat reader notification manager/9.1.2
version/adobe acrobat reader notification manager/9.1.3
version/adobe acrobat reader notification manager/9.2
version/adobe acrobat reader notification manager/9.3
version/adobe acrobat reader notification manager/9.3.1
version/adobe acrobat reader notification manager/9.3.2
version/adobe acrobat reader notification manager/9.3.3
version/adobe acrobat reader notification manager/9.3.4
version/adobe acrobat reader notification manager/9.4
version/adobe acrobat reader notification manager/9.4.1
version/adobe acrobat reader notification manager/10.0
vendor/microsoft
canonical/microsoft windows operating system
canonical/adobe acrobat reader
version/adobe acrobat reader/8.0
version/adobe acrobat reader/8.1
version/adobe acrobat reader/8.1.1
version/adobe acrobat reader/8.1.2
version/adobe acrobat reader/8.1.3
version/adobe acrobat reader/8.1.4
version/adobe acrobat reader/8.1.5
version/adobe acrobat reader/8.1.6
version/adobe acrobat reader/8.1.7
version/adobe acrobat reader/8.2
version/adobe acrobat reader/8.2.1
version/adobe acrobat reader/8.2.2
version/adobe acrobat reader/8.2.3
version/adobe acrobat reader/8.2.4
version/adobe acrobat reader/9.0
version/adobe acrobat reader/9.1
version/adobe acrobat reader/9.1.1
version/adobe acrobat reader/9.1.2
version/adobe acrobat reader/9.1.3
version/adobe acrobat reader/9.2
version/adobe acrobat reader/9.3
version/adobe acrobat reader/9.3.1
version/adobe acrobat reader/9.3.2
version/adobe acrobat reader/9.3.3
version/adobe acrobat reader/9.3.4
version/adobe acrobat reader/9.4
version/adobe acrobat reader/9.4.1
version/adobe acrobat reader/10.0