• Product Information
• Security Products Overview
• Juniper Networks ISG Series
• IDP Demo
• Product Poster & Z-Card 

Title: Adobe Acrobat and Reader CoolType Typography Engine Remote Denial of Service Vulnerability

Severity: MODERATE

Description:

Adobe Reader and Acrobat are applications for handling PDF files.

Adobe Acrobat and Reader are prone to a denial-of-service vulnerability due to a memory-corruption issue. This issue occurs when the application initializes the CoolType Typography Engine ('cooltype.dll') library.

Attackers can exploit this issue to crash the affected application, denying service to legitimate users. Due to the nature of this issue, arbitrary code-execution may be possible; however this has not been confirmed.

Adobe Reader and Acrobat versions prior to and including 9.3.2 and 8.2.2 are affected.

NOTE: This issue was previously covered in BID 41130 (Adobe Acrobat and Reader Prior to 9.3.3 Multiple Remote Vulnerabilities) but has been given its own record to better document it.

Affected Products:

• Adobe Acrobat 6.0.0
• Adobe Acrobat 6.0.1
• Adobe Acrobat 6.0.2
• Adobe Acrobat 6.0.3
• Adobe Acrobat 6.0.4
• Adobe Acrobat 6.0.5
• Adobe Acrobat 7.0.0
• Adobe Acrobat 7.0.1
• Adobe Acrobat 7.0.2
• Adobe Acrobat 7.0.3
• Adobe Acrobat 7.0.9
• Adobe Acrobat 8.2.2
• Adobe Acrobat 9.1.1
• Adobe Acrobat 9.2
• Adobe Acrobat 9.3
• Adobe Acrobat 9.3.1
• Adobe Acrobat 9.3.2
• Adobe Acrobat Professional 6.0
• Adobe Acrobat Professional 7.0.0
• Adobe Acrobat Professional 7.0.1
• Adobe Acrobat Professional 7.0.2
• Adobe Acrobat Professional 7.0.3
• Adobe Acrobat Professional 7.0.4
• Adobe Acrobat Professional 7.0.5
• Adobe Acrobat Professional 7.0.6
• Adobe Acrobat Professional 7.0.7
• Adobe Acrobat Professional 7.0.8
• Adobe Acrobat Professional 7.0.9
• Adobe Acrobat Professional 7.1
• Adobe Acrobat Professional 7.1.1
• Adobe Acrobat Professional 7.1.3
• Adobe Acrobat Professional 7.1.4
• Adobe Acrobat Professional 8.0
• Adobe Acrobat Professional 8.1
• Adobe Acrobat Professional 8.1.1
• Adobe Acrobat Professional 8.1.2
• Adobe Acrobat Professional 8.1.2 Security Update 1
• Adobe Acrobat Professional 8.1.3
• Adobe Acrobat Professional 8.1.4
• Adobe Acrobat Professional 8.1.6
• Adobe Acrobat Professional 8.1.7
• Adobe Acrobat Professional 8.2
• Adobe Acrobat Professional 8.2.1
• Adobe Acrobat Professional 8.2.2
• Adobe Acrobat Professional 9
• Adobe Acrobat Professional 9.1
• Adobe Acrobat Professional 9.1.2
• Adobe Acrobat Professional 9.1.3
• Adobe Acrobat Professional 9.2
• Adobe Acrobat Professional 9.3
• Adobe Acrobat Professional 9.3.1
• Adobe Acrobat Professional 9.3.2
• Adobe Acrobat Standard 7.0.0
• Adobe Acrobat Standard 7.0.1
• Adobe Acrobat Standard 7.0.2
• Adobe Acrobat Standard 7.0.3
• Adobe Acrobat Standard 7.0.4
• Adobe Acrobat Standard 7.0.5
• Adobe Acrobat Standard 7.0.6
• Adobe Acrobat Standard 7.0.7
• Adobe Acrobat Standard 7.0.8
• Adobe Acrobat Standard 7.1
• Adobe Acrobat Standard 7.1.1
• Adobe Acrobat Standard 7.1.3
• Adobe Acrobat Standard 7.1.4
• Adobe Acrobat Standard 8.0
• Adobe Acrobat Standard 8.1
• Adobe Acrobat Standard 8.1.1
• Adobe Acrobat Standard 8.1.2
• Adobe Acrobat Standard 8.1.3
• Adobe Acrobat Standard 8.1.4
• Adobe Acrobat Standard 8.1.6
• Adobe Acrobat Standard 8.1.7
• Adobe Acrobat Standard 8.2
• Adobe Acrobat Standard 8.2.1
• Adobe Acrobat Standard 8.2.2
• Adobe Acrobat Standard 9
• Adobe Acrobat Standard 9.1
• Adobe Acrobat Standard 9.1.2
• Adobe Acrobat Standard 9.1.3
• Adobe Acrobat Standard 9.2
• Adobe Acrobat Standard 9.3
• Adobe Acrobat Standard 9.3.1
• Adobe Acrobat Standard 9.3.2
• Adobe Reader 7.0.0
• Adobe Reader 7.0.1
• Adobe Reader 7.0.2
• Adobe Reader 7.0.3
• Adobe Reader 7.0.4
• Adobe Reader 7.0.5
• Adobe Reader 7.0.6
• Adobe Reader 7.0.7
• Adobe Reader 7.0.8
• Adobe Reader 7.0.9
• Adobe Reader 7.1
• Adobe Reader 7.1.1
• Adobe Reader 7.1.2
• Adobe Reader 7.1.3
• Adobe Reader 7.1.4
• Adobe Reader 8.0
• Adobe Reader 8.1
• Adobe Reader 8.1.1
• Adobe Reader 8.1.2
• Adobe Reader 8.1.2 Security Update 1
• Adobe Reader 8.1.3
• Adobe Reader 8.1.4
• Adobe Reader 8.1.5
• Adobe Reader 8.1.6
• Adobe Reader 8.1.7
• Adobe Reader 8.2
• Adobe Reader 8.2.1
• Adobe Reader 8.2.2
• Adobe Reader 9
• Adobe Reader 9.1
• Adobe Reader 9.1.1
• Adobe Reader 9.1.2
• Adobe Reader 9.1.3
• Adobe Reader 9.2
• Adobe Reader 9.3
• Adobe Reader 9.3.1
• Adobe Reader 9.3.2

References:

• Adobe: Adobe Homepage
• Gjoko Krstic: Adobe Reader 9.3.2 (CoolType.dll) Remote Memory Corruption / DoS Vulnerability

Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.