CVE-2011-2100
First published: Thu Jun 16 2011(Updated: )
Untrusted search path vulnerability in Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Windows allows local users to gain privileges via a Trojan horse DLL in the current working directory.
Credit: psirt@adobe.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Adobe Acrobat Reader Notification Manager | =8.0 | |
| Adobe Acrobat Reader Notification Manager | =8.1 | |
| Adobe Acrobat Reader Notification Manager | =8.1.1 | |
| Adobe Acrobat Reader Notification Manager | =8.1.2 | |
| Adobe Acrobat Reader Notification Manager | =8.1.3 | |
| Adobe Acrobat Reader Notification Manager | =8.1.4 | |
| Adobe Acrobat Reader Notification Manager | =8.1.5 | |
| Adobe Acrobat Reader Notification Manager | =8.1.6 | |
| Adobe Acrobat Reader Notification Manager | =8.1.7 | |
| Adobe Acrobat Reader Notification Manager | =8.2 | |
| Adobe Acrobat Reader Notification Manager | =8.2.1 | |
| Adobe Acrobat Reader Notification Manager | =8.2.2 | |
| Adobe Acrobat Reader Notification Manager | =8.2.3 | |
| Adobe Acrobat Reader Notification Manager | =8.2.4 | |
| Adobe Acrobat Reader Notification Manager | =8.2.6 | |
| Adobe Acrobat Reader Notification Manager | =9.0 | |
| Adobe Acrobat Reader Notification Manager | =9.1 | |
| Adobe Acrobat Reader Notification Manager | =9.1.1 | |
| Adobe Acrobat Reader Notification Manager | =9.1.2 | |
| Adobe Acrobat Reader Notification Manager | =9.1.3 | |
| Adobe Acrobat Reader Notification Manager | =9.2 | |
| Adobe Acrobat Reader Notification Manager | =9.3 | |
| Adobe Acrobat Reader Notification Manager | =9.3.1 | |
| Adobe Acrobat Reader Notification Manager | =9.3.2 | |
| Adobe Acrobat Reader Notification Manager | =9.3.3 | |
| Adobe Acrobat Reader Notification Manager | =9.3.4 | |
| Adobe Acrobat Reader Notification Manager | =9.4 | |
| Adobe Acrobat Reader Notification Manager | =9.4.1 | |
| Adobe Acrobat Reader Notification Manager | =9.4.2 | |
| Adobe Acrobat Reader Notification Manager | =9.4.3 | |
| Adobe Acrobat Reader Notification Manager | =9.4.4 | |
| Adobe Acrobat Reader Notification Manager | =10.0 | |
| Adobe Acrobat Reader Notification Manager | =10.0.1 | |
| Adobe Acrobat Reader Notification Manager | =10.0.2 | |
| Adobe Acrobat Reader Notification Manager | =10.0.3 | |
| Microsoft Windows | ||
| Adobe Acrobat Reader | =8.0 | |
| Adobe Acrobat Reader | =8.1 | |
| Adobe Acrobat Reader | =8.1.1 | |
| Adobe Acrobat Reader | =8.1.2 | |
| Adobe Acrobat Reader | =8.1.3 | |
| Adobe Acrobat Reader | =8.1.4 | |
| Adobe Acrobat Reader | =8.1.5 | |
| Adobe Acrobat Reader | =8.1.6 | |
| Adobe Acrobat Reader | =8.1.7 | |
| Adobe Acrobat Reader | =8.2 | |
| Adobe Acrobat Reader | =8.2.1 | |
| Adobe Acrobat Reader | =8.2.2 | |
| Adobe Acrobat Reader | =8.2.3 | |
| Adobe Acrobat Reader | =8.2.4 | |
| Adobe Acrobat Reader | =8.2.5 | |
| Adobe Acrobat Reader | =8.2.6 | |
| Adobe Acrobat Reader | =9.0 | |
| Adobe Acrobat Reader | =9.1 | |
| Adobe Acrobat Reader | =9.1.1 | |
| Adobe Acrobat Reader | =9.1.2 | |
| Adobe Acrobat Reader | =9.1.3 | |
| Adobe Acrobat Reader | =9.2 | |
| Adobe Acrobat Reader | =9.3 | |
| Adobe Acrobat Reader | =9.3.1 | |
| Adobe Acrobat Reader | =9.3.2 | |
| Adobe Acrobat Reader | =9.3.3 | |
| Adobe Acrobat Reader | =9.3.4 | |
| Adobe Acrobat Reader | =9.4 | |
| Adobe Acrobat Reader | =9.4.1 | |
| Adobe Acrobat Reader | =9.4.2 | |
| Adobe Acrobat Reader | =9.4.3 | |
| Adobe Acrobat Reader | =9.4.4 | |
| Adobe Acrobat Reader | =10.0 | |
| Adobe Acrobat Reader | =10.0.1 | |
| Adobe Acrobat Reader | =10.0.2 | |
| Adobe Acrobat Reader | =10.0.3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.adobe.com/support/security/bulletins/apsb11-16.html
- http://www.securityfocus.com/bid/48252
- http://www.securitytracker.com/id?1025658
- http://osvdb.org/73062
- http://www.us-cert.gov/cas/techalerts/TA11-166A.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/68014
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14057
Frequently Asked Questions
What is the severity of CVE-2011-2100?
CVE-2011-2100 is rated as critical due to the potential for local privilege escalation.
How do I fix CVE-2011-2100?
To fix CVE-2011-2100, update Adobe Reader and Acrobat to version 9.4.5 or later, or 10.1 or later.
Which versions of Adobe Reader are affected by CVE-2011-2100?
CVE-2011-2100 affects Adobe Reader and Acrobat versions 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Windows.
Can CVE-2011-2100 be exploited remotely?
No, CVE-2011-2100 requires local access to exploit the vulnerability.
What type of vulnerability is CVE-2011-2100?
CVE-2011-2100 is an untrusted search path vulnerability which enables local users to gain privileges via a malicious DLL.
- collector/nvd-historical
- agent/type
- agent/severity
- agent/weakness
- agent/references
- agent/remedy
- agent/author
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/event
- agent/first-publish-date
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- agent/softwarecombine
- vendor/adobe
- canonical/adobe acrobat reader notification manager
- version/adobe acrobat reader notification manager/8.0
- version/adobe acrobat reader notification manager/8.1
- version/adobe acrobat reader notification manager/8.1.1
- version/adobe acrobat reader notification manager/8.1.2
- version/adobe acrobat reader notification manager/8.1.3
- version/adobe acrobat reader notification manager/8.1.4
- version/adobe acrobat reader notification manager/8.1.5
- version/adobe acrobat reader notification manager/8.1.6
- version/adobe acrobat reader notification manager/8.1.7
- version/adobe acrobat reader notification manager/8.2
- version/adobe acrobat reader notification manager/8.2.1
- version/adobe acrobat reader notification manager/8.2.2
- version/adobe acrobat reader notification manager/8.2.3
- version/adobe acrobat reader notification manager/8.2.4
- version/adobe acrobat reader notification manager/8.2.6
- version/adobe acrobat reader notification manager/9.0
- version/adobe acrobat reader notification manager/9.1
- version/adobe acrobat reader notification manager/9.1.1
- version/adobe acrobat reader notification manager/9.1.2
- version/adobe acrobat reader notification manager/9.1.3
- version/adobe acrobat reader notification manager/9.2
- version/adobe acrobat reader notification manager/9.3
- version/adobe acrobat reader notification manager/9.3.1
- version/adobe acrobat reader notification manager/9.3.2
- version/adobe acrobat reader notification manager/9.3.3
- version/adobe acrobat reader notification manager/9.3.4
- version/adobe acrobat reader notification manager/9.4
- version/adobe acrobat reader notification manager/9.4.1
- version/adobe acrobat reader notification manager/9.4.2
- version/adobe acrobat reader notification manager/9.4.3
- version/adobe acrobat reader notification manager/9.4.4
- version/adobe acrobat reader notification manager/10.0
- version/adobe acrobat reader notification manager/10.0.1
- version/adobe acrobat reader notification manager/10.0.2
- version/adobe acrobat reader notification manager/10.0.3
- vendor/microsoft
- canonical/microsoft windows
- canonical/adobe acrobat reader
- version/adobe acrobat reader/8.0
- version/adobe acrobat reader/8.1
- version/adobe acrobat reader/8.1.1
- version/adobe acrobat reader/8.1.2
- version/adobe acrobat reader/8.1.3
- version/adobe acrobat reader/8.1.4
- version/adobe acrobat reader/8.1.5
- version/adobe acrobat reader/8.1.6
- version/adobe acrobat reader/8.1.7
- version/adobe acrobat reader/8.2
- version/adobe acrobat reader/8.2.1
- version/adobe acrobat reader/8.2.2
- version/adobe acrobat reader/8.2.3
- version/adobe acrobat reader/8.2.4
- version/adobe acrobat reader/8.2.5
- version/adobe acrobat reader/8.2.6
- version/adobe acrobat reader/9.0
- version/adobe acrobat reader/9.1
- version/adobe acrobat reader/9.1.1
- version/adobe acrobat reader/9.1.2
- version/adobe acrobat reader/9.1.3
- version/adobe acrobat reader/9.2
- version/adobe acrobat reader/9.3
- version/adobe acrobat reader/9.3.1
- version/adobe acrobat reader/9.3.2
- version/adobe acrobat reader/9.3.3
- version/adobe acrobat reader/9.3.4
- version/adobe acrobat reader/9.4
- version/adobe acrobat reader/9.4.1
- version/adobe acrobat reader/9.4.2
- version/adobe acrobat reader/9.4.3
- version/adobe acrobat reader/9.4.4
- version/adobe acrobat reader/10.0
- version/adobe acrobat reader/10.0.1
- version/adobe acrobat reader/10.0.2
- version/adobe acrobat reader/10.0.3