CVE-2011-2437: Buffer Overflow
First published: Thu Sep 15 2011(Updated: )
Heap-based buffer overflow in Adobe Reader and Acrobat 8.x before 8.3.1, 9.x before 9.4.6, and 10.x before 10.1.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2433 and CVE-2011-2434.
Credit: psirt@adobe.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Adobe Acrobat Reader Notification Manager | =8.0 | |
| Adobe Acrobat Reader Notification Manager | =8.1 | |
| Adobe Acrobat Reader Notification Manager | =8.1.1 | |
| Adobe Acrobat Reader Notification Manager | =8.1.2 | |
| Adobe Acrobat Reader Notification Manager | =8.1.3 | |
| Adobe Acrobat Reader Notification Manager | =8.1.4 | |
| Adobe Acrobat Reader Notification Manager | =8.1.5 | |
| Adobe Acrobat Reader Notification Manager | =8.1.6 | |
| Adobe Acrobat Reader Notification Manager | =8.1.7 | |
| Adobe Acrobat Reader Notification Manager | =8.2 | |
| Adobe Acrobat Reader Notification Manager | =8.2.1 | |
| Adobe Acrobat Reader Notification Manager | =8.2.2 | |
| Adobe Acrobat Reader Notification Manager | =8.2.3 | |
| Adobe Acrobat Reader Notification Manager | =8.2.4 | |
| Adobe Acrobat Reader Notification Manager | =8.2.6 | |
| Adobe Acrobat Reader Notification Manager | =8.3 | |
| Adobe Acrobat Reader Notification Manager | =9.0 | |
| Adobe Acrobat Reader Notification Manager | =9.1 | |
| Adobe Acrobat Reader Notification Manager | =9.1.1 | |
| Adobe Acrobat Reader Notification Manager | =9.1.2 | |
| Adobe Acrobat Reader Notification Manager | =9.1.3 | |
| Adobe Acrobat Reader Notification Manager | =9.2 | |
| Adobe Acrobat Reader Notification Manager | =9.3 | |
| Adobe Acrobat Reader Notification Manager | =9.3.1 | |
| Adobe Acrobat Reader Notification Manager | =9.3.2 | |
| Adobe Acrobat Reader Notification Manager | =9.3.3 | |
| Adobe Acrobat Reader Notification Manager | =9.3.4 | |
| Adobe Acrobat Reader Notification Manager | =9.4 | |
| Adobe Acrobat Reader Notification Manager | =9.4.1 | |
| Adobe Acrobat Reader Notification Manager | =9.4.2 | |
| Adobe Acrobat Reader Notification Manager | =9.4.3 | |
| Adobe Acrobat Reader Notification Manager | =9.4.4 | |
| Adobe Acrobat Reader Notification Manager | =10.0 | |
| Adobe Acrobat Reader Notification Manager | =10.0.1 | |
| Adobe Acrobat Reader Notification Manager | =10.0.2 | |
| Adobe Acrobat Reader Notification Manager | =10.0.3 | |
| Adobe Acrobat Reader | =8.0 | |
| Adobe Acrobat Reader | =8.1 | |
| Adobe Acrobat Reader | =8.1.1 | |
| Adobe Acrobat Reader | =8.1.2 | |
| Adobe Acrobat Reader | =8.1.3 | |
| Adobe Acrobat Reader | =8.1.4 | |
| Adobe Acrobat Reader | =8.1.5 | |
| Adobe Acrobat Reader | =8.1.6 | |
| Adobe Acrobat Reader | =8.1.7 | |
| Adobe Acrobat Reader | =8.2 | |
| Adobe Acrobat Reader | =8.2.1 | |
| Adobe Acrobat Reader | =8.2.2 | |
| Adobe Acrobat Reader | =8.2.3 | |
| Adobe Acrobat Reader | =8.2.4 | |
| Adobe Acrobat Reader | =8.2.5 | |
| Adobe Acrobat Reader | =8.2.6 | |
| Adobe Acrobat Reader | =9.0 | |
| Adobe Acrobat Reader | =9.1 | |
| Adobe Acrobat Reader | =9.1.1 | |
| Adobe Acrobat Reader | =9.1.2 | |
| Adobe Acrobat Reader | =9.1.3 | |
| Adobe Acrobat Reader | =9.2 | |
| Adobe Acrobat Reader | =9.3 | |
| Adobe Acrobat Reader | =9.3.1 | |
| Adobe Acrobat Reader | =9.3.2 | |
| Adobe Acrobat Reader | =9.3.3 | |
| Adobe Acrobat Reader | =9.3.4 | |
| Adobe Acrobat Reader | =9.4 | |
| Adobe Acrobat Reader | =9.4.1 | |
| Adobe Acrobat Reader | =9.4.2 | |
| Adobe Acrobat Reader | =9.4.3 | |
| Adobe Acrobat Reader | =9.4.4 | |
| Adobe Acrobat Reader | =9.4.5 | |
| Adobe Acrobat Reader | =10.0 | |
| Adobe Acrobat Reader | =10.0.1 | |
| Adobe Acrobat Reader | =10.0.2 | |
| Adobe Acrobat Reader | =10.0.3 | |
| Adobe Acrobat Reader | =10.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.adobe.com/support/security/bulletins/apsb11-24.html
- http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00012.html
- http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00013.html
- http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00025.html
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13984
Frequently Asked Questions
What is the severity of CVE-2011-2437?
CVE-2011-2437 has a severity rating of critical due to the potential for remote code execution.
How do I fix CVE-2011-2437?
To fix CVE-2011-2437, update to Adobe Reader and Acrobat version 8.3.1, 9.4.6, or 10.1.1 or later.
Which versions of Adobe Reader are affected by CVE-2011-2437?
Adobe Reader versions 8.x before 8.3.1, 9.x before 9.4.6, and 10.x before 10.1.1 are affected by CVE-2011-2437.
What type of vulnerability is CVE-2011-2437?
CVE-2011-2437 is a heap-based buffer overflow vulnerability.
What is the potential impact of CVE-2011-2437?
CVE-2011-2437 allows attackers to execute arbitrary code if exploited.
- agent/type
- agent/severity
- agent/weakness
- agent/references
- agent/remedy
- agent/author
- agent/softwarecombine
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/event
- agent/first-publish-date
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-historical
- vendor/adobe
- canonical/adobe acrobat reader notification manager
- version/adobe acrobat reader notification manager/8.0
- version/adobe acrobat reader notification manager/8.1
- version/adobe acrobat reader notification manager/8.1.1
- version/adobe acrobat reader notification manager/8.1.2
- version/adobe acrobat reader notification manager/8.1.3
- version/adobe acrobat reader notification manager/8.1.4
- version/adobe acrobat reader notification manager/8.1.5
- version/adobe acrobat reader notification manager/8.1.6
- version/adobe acrobat reader notification manager/8.1.7
- version/adobe acrobat reader notification manager/8.2
- version/adobe acrobat reader notification manager/8.2.1
- version/adobe acrobat reader notification manager/8.2.2
- version/adobe acrobat reader notification manager/8.2.3
- version/adobe acrobat reader notification manager/8.2.4
- version/adobe acrobat reader notification manager/8.2.6
- version/adobe acrobat reader notification manager/8.3
- version/adobe acrobat reader notification manager/9.0
- version/adobe acrobat reader notification manager/9.1
- version/adobe acrobat reader notification manager/9.1.1
- version/adobe acrobat reader notification manager/9.1.2
- version/adobe acrobat reader notification manager/9.1.3
- version/adobe acrobat reader notification manager/9.2
- version/adobe acrobat reader notification manager/9.3
- version/adobe acrobat reader notification manager/9.3.1
- version/adobe acrobat reader notification manager/9.3.2
- version/adobe acrobat reader notification manager/9.3.3
- version/adobe acrobat reader notification manager/9.3.4
- version/adobe acrobat reader notification manager/9.4
- version/adobe acrobat reader notification manager/9.4.1
- version/adobe acrobat reader notification manager/9.4.2
- version/adobe acrobat reader notification manager/9.4.3
- version/adobe acrobat reader notification manager/9.4.4
- version/adobe acrobat reader notification manager/10.0
- version/adobe acrobat reader notification manager/10.0.1
- version/adobe acrobat reader notification manager/10.0.2
- version/adobe acrobat reader notification manager/10.0.3
- canonical/adobe acrobat reader
- version/adobe acrobat reader/8.0
- version/adobe acrobat reader/8.1
- version/adobe acrobat reader/8.1.1
- version/adobe acrobat reader/8.1.2
- version/adobe acrobat reader/8.1.3
- version/adobe acrobat reader/8.1.4
- version/adobe acrobat reader/8.1.5
- version/adobe acrobat reader/8.1.6
- version/adobe acrobat reader/8.1.7
- version/adobe acrobat reader/8.2
- version/adobe acrobat reader/8.2.1
- version/adobe acrobat reader/8.2.2
- version/adobe acrobat reader/8.2.3
- version/adobe acrobat reader/8.2.4
- version/adobe acrobat reader/8.2.5
- version/adobe acrobat reader/8.2.6
- version/adobe acrobat reader/9.0
- version/adobe acrobat reader/9.1
- version/adobe acrobat reader/9.1.1
- version/adobe acrobat reader/9.1.2
- version/adobe acrobat reader/9.1.3
- version/adobe acrobat reader/9.2
- version/adobe acrobat reader/9.3
- version/adobe acrobat reader/9.3.1
- version/adobe acrobat reader/9.3.2
- version/adobe acrobat reader/9.3.3
- version/adobe acrobat reader/9.3.4
- version/adobe acrobat reader/9.4
- version/adobe acrobat reader/9.4.1
- version/adobe acrobat reader/9.4.2
- version/adobe acrobat reader/9.4.3
- version/adobe acrobat reader/9.4.4
- version/adobe acrobat reader/9.4.5
- version/adobe acrobat reader/10.0
- version/adobe acrobat reader/10.0.1
- version/adobe acrobat reader/10.0.2
- version/adobe acrobat reader/10.0.3
- version/adobe acrobat reader/10.1