RHSA-2008:0974 - Security Advisory

Topic

Updated acroread packages that fix various security issues are now
available for Red Hat Enterprise Linux 3 Extras, Red Hat Enterprise Linux 4
Extras, and Red Hat Enterprise Linux 5 Supplementary.

This update has been rated as having critical security impact by the Red
Hat Security Response Team.

Description

Adobe Reader allows users to view and print documents in Portable Document
Format (PDF).

Several input validation flaws were discovered in Adobe Reader. A malicious
PDF file could cause Adobe Reader to crash or, potentially, execute
arbitrary code as the user running Adobe Reader. (CVE-2008-2549,
CVE-2008-2992, CVE-2008-4812, CVE-2008-4813, CVE-2008-4814, CVE-2008-4817)

The Adobe Reader binary had an insecure relative RPATH (runtime library
search path) set in the ELF (Executable and Linking Format) header. A local
attacker able to convince another user to run Adobe Reader in an
attacker-controlled directory could run arbitrary code with the privileges
of the victim. (CVE-2008-4815)

All acroread users are advised to upgrade to these updated packages, that
contain Adobe Reader version 8.1.3, and are not vulnerable to these issues.

Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188

Affected Products

• Red Hat Enterprise Linux Server 5 x86_64
• Red Hat Enterprise Linux Server 5 i386
• Red Hat Enterprise Linux Server 4 x86_64
• Red Hat Enterprise Linux Server 4 i386
• Red Hat Enterprise Linux Server 3 x86_64
• Red Hat Enterprise Linux Server 3 i386
• Red Hat Enterprise Linux for x86_64 - Extended Update Support 5.2 x86_64
• Red Hat Enterprise Linux for x86_64 - Extended Update Support 5.2 i386
• Red Hat Enterprise Linux for x86_64 - Extended Update Support 4ES x86_64
• Red Hat Enterprise Linux for x86_64 - Extended Update Support 4ES i386
• Red Hat Enterprise Linux for x86_64 - Extended Update Support 4AS x86_64
• Red Hat Enterprise Linux for x86_64 - Extended Update Support 4AS i386
• Red Hat Enterprise Linux Workstation 5 x86_64
• Red Hat Enterprise Linux Workstation 5 i386
• Red Hat Enterprise Linux Workstation 4 x86_64
• Red Hat Enterprise Linux Workstation 4 i386
• Red Hat Enterprise Linux Workstation 3 x86_64
• Red Hat Enterprise Linux Workstation 3 i386
• Red Hat Enterprise Linux Desktop 5 x86_64
• Red Hat Enterprise Linux Desktop 5 i386
• Red Hat Enterprise Linux Desktop 4 x86_64
• Red Hat Enterprise Linux Desktop 4 i386
• Red Hat Enterprise Linux Desktop 3 x86_64
• Red Hat Enterprise Linux Desktop 3 i386
• Red Hat Enterprise Linux Server from RHUI 5 x86_64
• Red Hat Enterprise Linux Server from RHUI 5 i386

Fixes

• BZ - 450078 - CVE-2008-2549 acroread: crash and possible code execution
• BZ - 469875 - CVE-2008-4812 Adobe Reader: embedded font handling out-of-bounds array indexing
• BZ - 469876 - CVE-2008-4813 Adobe Reader: PDF objects parsing and JavaScript getCosObj handling memory corruption flaw
• BZ - 469877 - CVE-2008-2992 Adobe Reader: JavaScript util.printf() function buffer overflow
• BZ - 469880 - CVE-2008-4814 Adobe Reader: arbitrary code execution via unspecified JavaScript method
• BZ - 469882 - CVE-2008-4815 Adobe Reader: insecure RPATH flaw
• BZ - 469923 - CVE-2008-4817 Adobe Reader: Download Manager input validation flaw

CVEs

• CVE-2008-2549
• CVE-2008-4812
• CVE-2008-4813
• CVE-2008-4817
• CVE-2008-4814
• CVE-2008-4815
• CVE-2008-2992
• CVE-2009-0927

References

(none)