ACROS Blog: Adobe Reader X (10.1.2) msiexec.exe Planting

From: "ACROS Security Lists" <lists@xxxxxxxx>
Date: Mon, 16 Apr 2012 10:24:57 +0200

Adobe issued an update for Adobe Reader X (new version is 10.1.3), which, among other
issues, fixes an outside-the-sandbox msiexec.exe EXE planting vulnerability we
reported to them earlier this year. This article explains the vulnerability and how
it could have been exploited.

http://blog.acrossecurity.com/2012/04/adobe-reader-x-1012-msiexecexe-planting.html

or

http://bit.ly/HyXYAX

Enjoy the reading!

Mitja Kolsek, CEO / @mkolsek

ACROS, d.o.o.
Makedonska ulica 113, SI - 2000 Maribor, Slovenia
Tel +386.2.3000.280 Fax +386.2.3000.282
Web http://www.acrossecurity.com
Blg http://blog.acrossecurity.com
Twt @acrossecurity

ACROS Security: Finding Your Digital Vulnerabilities Before Others Do

Prev by Date: [ MDVSA-2012:059 ] python-sqlalchemy
Next by Date: Fwd: PHP Gift Registry 1.5.5 SQL Injection
Previous by thread: [ MDVSA-2012:059 ] python-sqlalchemy
Next by thread: Fwd: PHP Gift Registry 1.5.5 SQL Injection
Index(es):
- Date
- Thread

Relevant Pages

Re: ACROS Security: HTML Injection in BEA WebLogic Server Console (2)
... Mitja Kolsek of ACROS Security ... > administrative access to Server Console. ... > Cross site scripting is a very common problem with web-based applications. ... > The main differentiator of this particular vulnerability is that the ...
(Bugtraq)
ACROS Security: Remote Binary Planting in Apple iTunes for Windows (ASPR #2010-08-18-1)
... Simon Raner of ACROS Security ... A "binary planting" vulnerability in Apple iTunes for Windows allows local ... name on a network share and get the user to open a media file from this ...
(Bugtraq)
[Full-disclosure] ACROS Security: Remote Binary Planting in VMware Tools for Windows (ASPR #2010
... Jure Skofic and Mitja Kolsek of ACROS Security ... A "binary planting" vulnerability in VMware Tools for Windows allows local ... network location with any Windows application - which should require ...
(Full-Disclosure)
ACROS Security: Remote Binary Planting in VMware Tools for Windows (ASPR #2010-04-12-1)
... Jure Skofic and Mitja Kolsek of ACROS Security ... A "binary planting" vulnerability in VMware Tools for Windows allows local ... network location with any Windows application - which should require ...
(Bugtraq)
ACROS Security: HTML Injection in BEA WebLogic Server Console (2)
... HTML Injection in BEA WebLogic Server Console ... Mitja Kolsek of ACROS Security ... The main differentiator of this particular vulnerability is that the ... BEA Systems has issued a security bulletin and published a patch ...
(Bugtraq)