Main Threat Vectors
E-Mail; Web; Locally logged-on user
User Interaction Required
A vulnerability in Adobe Acrobat and Adobe Acrobat Reader may allow remote code execution. The flaw is specific to Acrobat and Acrobat Reader Versions 9.2 and earlier on Windows, Mac OS X, and Unix platforms. Upon exploitation an attacker could potentially take full control of a vulnerable system. Reports state that this vulnerabiltiy is being actively exploited in the wild. Various proof-of-concept exploits also exist.
High. This threat has gained media attention. Active exploitation has been reported from the field.
Generic buffer overflow protection is expected to cover code-execution exploits.
McAfee Network Security Platform
McAfee Vulnerability Manager
An upcoming FSL/MVM package will include a vulnerability check to assess if your systems are at risk.
McAfee values your feedback on this Security Advisory. Please reply to this mail with your comments.
*The information provided is only for the use and convenience of McAfee's customers in connection with their McAfee products, and applies only to the threats described herein. McAfee product coverage statements are limited to known attack vectors and should not be considered comprehensive. THE INFORMATION PROVIDED HEREIN IS PROVIDED "AS IS" AND IS SUBJECT TO CHANGE WITHOUT NOTICE.
The information contained herein is the property of McAfee, Inc. and may not be reproduced or disseminated without the expressed written consent of McAfee, Inc.
McAfee and/or additional marks herein are registered trademarks or trademarks of McAfee, Inc. and/or its affiliates in the United States and/or other countries. McAfee Red in connection with security is distinctive of McAfee brand products. All other registered and unregistered trademarks herein are the sole property of their respective owners.
McAfee, Inc. 3965 Freedom Circle, Santa Clara, CA 95054 888.847.8766 www.mcafee.com