<% dim ModuleName,InfoID,ChannelShortName,CorrelativeArticle,InstallDir,ChannelDir,Keyword,PageTitle,ArticleIntro,Articlecontent Keyword=stripHTML("嵌入式,漏洞,破坏") PageTitle=stripHTML("Adobe Digital Editions嵌入式字体处理内存破坏漏洞(CVE-2013-1377)") ArticleIntro=stripHTML("77169.com小编引言:Adobe Digital Editions嵌入式字体处理内存破坏漏洞(CVE-2013-1377).以下是漏洞详情:") Articlecontent=stripHTML("受影响产品:Adobe Digital Editions 2.0.67532漏洞描述:BUGTRAQ  ID: 61528
CVE(CAN) ID: CVE-2…") ModuleName = stripHTML("exploits") InfoID = stripHTML("182223") ChannelShortName=stripHTML("漏洞") InstallDir=stripHTML("http://www.77169.com/") ChannelDir=stripHTML("exploits") %> Adobe Digital Editions嵌入式字体处理内存破坏漏洞(CVE-2013-1377) - 华盟网 - http://www.77169.com
您现在的位置: 华盟网 >> 漏洞 >> 本地 >> 正文

Adobe Digital Editions嵌入式字体处理内存破坏漏洞(CVE-2013-1377)

2015/3/2 作者:不祥 来源: 互联网
导读 <% if len(ArticleIntro)<3 then Response.Write Articlecontent 'Response.Write "Articlecontent" else Response.Write ArticleIntro 'Response.Write "ArticleIntro" end if %>
受影响产品:Adobe Digital Editions 2.0.67532漏洞描述:BUGTRAQ ID: 61528
CVE(CAN) ID: CVE-2013-1377

Adobe Digital Editions是阅读和管理电子书及其他数字出版物的软件,支持工业标准电子书格式,例如PDF/A、EPUB。

Adobe Digital Editions 2.0.67532的rmsdk_wrapper.dll模块会在处理嵌入字体流的CVT程序表时出错,攻击者通过PDF文件内的特制字体流,利用此漏洞可破坏内存。Kaveh Ghaemmaghami (coolkaveh)

http://secunia.com/advisories/51749/
http://www.adobe.com/support/security/bulletins/apsb13-20.html *>77169安全建议:厂商补丁:

Adobe
-----
Adobe已经为此发布了一个安全公告(apsb13-20)以及相应补丁:
apsb13-20:Security update for Adobe Digital Editions
链接:http://www.adobe.com/support/security/bulletins/apsb13-20.html

补丁下载:http://www.adobe.com/products/digital-editions/download.html