CVE-2011-0589: Buffer Overflow
First published: Thu Feb 10 2011(Updated: )
Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0563 and CVE-2011-0606.
Credit: psirt@adobe.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Adobe Acrobat Reader Notification Manager | =8.0 | |
| Adobe Acrobat Reader Notification Manager | =8.1 | |
| Adobe Acrobat Reader Notification Manager | =8.1.1 | |
| Adobe Acrobat Reader Notification Manager | =8.1.2 | |
| Adobe Acrobat Reader Notification Manager | =8.1.4 | |
| Adobe Acrobat Reader Notification Manager | =8.1.5 | |
| Adobe Acrobat Reader Notification Manager | =8.1.6 | |
| Adobe Acrobat Reader Notification Manager | =8.1.7 | |
| Adobe Acrobat Reader Notification Manager | =8.2 | |
| Adobe Acrobat Reader Notification Manager | =8.2.1 | |
| Adobe Acrobat Reader Notification Manager | =8.2.2 | |
| Adobe Acrobat Reader Notification Manager | =8.2.3 | |
| Adobe Acrobat Reader Notification Manager | =8.2.4 | |
| Adobe Acrobat Reader Notification Manager | =9.0 | |
| Adobe Acrobat Reader Notification Manager | =9.1 | |
| Adobe Acrobat Reader Notification Manager | =9.1.1 | |
| Adobe Acrobat Reader Notification Manager | =9.1.2 | |
| Adobe Acrobat Reader Notification Manager | =9.1.3 | |
| Adobe Acrobat Reader Notification Manager | =9.2 | |
| Adobe Acrobat Reader Notification Manager | =9.3 | |
| Adobe Acrobat Reader Notification Manager | =9.3.1 | |
| Adobe Acrobat Reader Notification Manager | =9.3.2 | |
| Adobe Acrobat Reader Notification Manager | =9.3.3 | |
| Adobe Acrobat Reader Notification Manager | =9.3.4 | |
| Adobe Acrobat Reader Notification Manager | =9.4 | |
| Adobe Acrobat Reader Notification Manager | =9.4.1 | |
| Adobe Acrobat Reader Notification Manager | =10.0 | |
| Apple iOS and macOS | ||
| Microsoft Windows | ||
| Adobe Acrobat Reader | =8.0 | |
| Adobe Acrobat Reader | =8.1 | |
| Adobe Acrobat Reader | =8.1.1 | |
| Adobe Acrobat Reader | =8.1.2 | |
| Adobe Acrobat Reader | =8.1.3 | |
| Adobe Acrobat Reader | =8.1.4 | |
| Adobe Acrobat Reader | =8.1.5 | |
| Adobe Acrobat Reader | =8.1.6 | |
| Adobe Acrobat Reader | =8.1.7 | |
| Adobe Acrobat Reader | =8.2 | |
| Adobe Acrobat Reader | =8.2.1 | |
| Adobe Acrobat Reader | =8.2.2 | |
| Adobe Acrobat Reader | =8.2.3 | |
| Adobe Acrobat Reader | =8.2.4 | |
| Adobe Acrobat Reader | =9.0 | |
| Adobe Acrobat Reader | =9.1 | |
| Adobe Acrobat Reader | =9.1.1 | |
| Adobe Acrobat Reader | =9.1.2 | |
| Adobe Acrobat Reader | =9.1.3 | |
| Adobe Acrobat Reader | =9.2 | |
| Adobe Acrobat Reader | =9.3 | |
| Adobe Acrobat Reader | =9.3.1 | |
| Adobe Acrobat Reader | =9.3.2 | |
| Adobe Acrobat Reader | =9.3.3 | |
| Adobe Acrobat Reader | =9.3.4 | |
| Adobe Acrobat Reader | =9.4 | |
| Adobe Acrobat Reader | =9.4.1 | |
| Adobe Acrobat Reader | =10.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.adobe.com/support/security/bulletins/apsb11-03.html
- http://www.vupen.com/english/advisories/2011/0337
- http://www.securityfocus.com/bid/46202
- http://www.securitytracker.com/id?1025033
- http://www.redhat.com/support/errata/RHSA-2011-0301.html
- http://secunia.com/advisories/43470
- http://www.vupen.com/english/advisories/2011/0492
- http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00006.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/65294
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12497
Frequently Asked Questions
What is the severity of CVE-2011-0589?
CVE-2011-0589 is considered to have high severity due to its potential to allow arbitrary code execution and cause denial of service.
How do I fix CVE-2011-0589?
To fix CVE-2011-0589, update Adobe Reader and Acrobat to the latest versions provided by Adobe, specifically 10.x to 10.0.1, 9.x to 9.4.2, or 8.x to 8.2.6.
Which versions of Adobe Reader are affected by CVE-2011-0589?
CVE-2011-0589 affects Adobe Reader versions 8.x before 8.2.6, 9.x before 9.4.2, and 10.x before 10.0.1.
What platforms are affected by CVE-2011-0589?
CVE-2011-0589 affects Adobe Reader and Acrobat on both Windows and Mac OS X platforms.
Is there a workaround for CVE-2011-0589?
The most effective workaround for CVE-2011-0589 is to disable JavaScript in Adobe Reader and Acrobat until the software can be updated.
- collector/nvd-historical
- agent/references
- agent/type
- agent/severity
- agent/author
- agent/remedy
- agent/weakness
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- agent/softwarecombine
- vendor/adobe
- canonical/adobe acrobat reader notification manager
- version/adobe acrobat reader notification manager/8.0
- version/adobe acrobat reader notification manager/8.1
- version/adobe acrobat reader notification manager/8.1.1
- version/adobe acrobat reader notification manager/8.1.2
- version/adobe acrobat reader notification manager/8.1.4
- version/adobe acrobat reader notification manager/8.1.5
- version/adobe acrobat reader notification manager/8.1.6
- version/adobe acrobat reader notification manager/8.1.7
- version/adobe acrobat reader notification manager/8.2
- version/adobe acrobat reader notification manager/8.2.1
- version/adobe acrobat reader notification manager/8.2.2
- version/adobe acrobat reader notification manager/8.2.3
- version/adobe acrobat reader notification manager/8.2.4
- version/adobe acrobat reader notification manager/9.0
- version/adobe acrobat reader notification manager/9.1
- version/adobe acrobat reader notification manager/9.1.1
- version/adobe acrobat reader notification manager/9.1.2
- version/adobe acrobat reader notification manager/9.1.3
- version/adobe acrobat reader notification manager/9.2
- version/adobe acrobat reader notification manager/9.3
- version/adobe acrobat reader notification manager/9.3.1
- version/adobe acrobat reader notification manager/9.3.2
- version/adobe acrobat reader notification manager/9.3.3
- version/adobe acrobat reader notification manager/9.3.4
- version/adobe acrobat reader notification manager/9.4
- version/adobe acrobat reader notification manager/9.4.1
- version/adobe acrobat reader notification manager/10.0
- vendor/apple
- canonical/apple ios and macos
- vendor/microsoft
- canonical/microsoft windows
- canonical/adobe acrobat reader
- version/adobe acrobat reader/8.0
- version/adobe acrobat reader/8.1
- version/adobe acrobat reader/8.1.1
- version/adobe acrobat reader/8.1.2
- version/adobe acrobat reader/8.1.3
- version/adobe acrobat reader/8.1.4
- version/adobe acrobat reader/8.1.5
- version/adobe acrobat reader/8.1.6
- version/adobe acrobat reader/8.1.7
- version/adobe acrobat reader/8.2
- version/adobe acrobat reader/8.2.1
- version/adobe acrobat reader/8.2.2
- version/adobe acrobat reader/8.2.3
- version/adobe acrobat reader/8.2.4
- version/adobe acrobat reader/9.0
- version/adobe acrobat reader/9.1
- version/adobe acrobat reader/9.1.1
- version/adobe acrobat reader/9.1.2
- version/adobe acrobat reader/9.1.3
- version/adobe acrobat reader/9.2
- version/adobe acrobat reader/9.3
- version/adobe acrobat reader/9.3.1
- version/adobe acrobat reader/9.3.2
- version/adobe acrobat reader/9.3.3
- version/adobe acrobat reader/9.3.4
- version/adobe acrobat reader/9.4
- version/adobe acrobat reader/9.4.1
- version/adobe acrobat reader/10.0