Secunia

Multiple vulnerabilities have been reported in Adobe Reader and Adobe Acrobat, which can be exploited by malicious people to conduct cross-site scripting attacks or compromise a user's system.

1) An unspecified error can be exploited to conduct cross-site scripting attacks.

2) An unspecified "prefix protocol handler" error may allow code execution.

3) An unspecified error may be exploited to execute arbitrary code.

4) An unspecified error may be exploited to execute arbitrary code.

5) An error in the X3D component (3difr.x3d) when processing a DeviceRGB sub-type stream can be exploited to corrupt memory and may allow execution of arbitrary code.

6) An index calculation error in the parsing of certain tables in embedded fonts may allow code execution.

7) An integer overflow error when parsing the "Shading Count" field of a CLOD Mesh Declaration block in U3D data can potentially be exploited to cause a heap-based buffer overflow and execute arbitrary code.

NOTE: Reportedly, this vulnerability only affects Adobe Reader for Linux.

8) An unspecified error can be exploited to corrupt memory and may allow execution of arbitrary code.

9) An uninitialised memory error when processing JPEG images can be exploited to dereference out-of-bounds data and may allow execution of arbitrary code.

10) A boundary error when processing GIF images can be exploited to cause a buffer overflow and may allow execution of arbitrary code.

11) An unspecified error can be exploited to corrupt memory and may allow execution of arbitrary code.

12) An integer overflow error when processing various image types (e.g. BMP and PNG) can be exploited to cause a heap-based buffer overflow and may allow execution of arbitrary code.

13) An unspecified error can be exploited to corrupt memory and may allow execution of arbitrary code.

14) An error in CoolType.dll when parsing CFF encodings can be exploited to cause a heap-based buffer overflow and may allow execution of arbitrary code.

The vulnerabilities are reported in versions 9.3.1 and prior and versions 8.2.1 and prior.

Solution
Update to version 9.3.2 or 8.2.2.
Further details available in Customer Area

Provided and/or discovered by
1, 2) The vendor credits Billy Rios and Microsoft Vulnerability Research (MSVR).
3) The vendor credits Aki Helin, Oulu University Secure Programming Group.
4) The vendor credits Microsoft Vulnerability Research Program (MSVR).
5) Bing Liu, Fortinet's FortiGuard Labs.
6) An anonymous person via ZDI.
7) TELUS Security Labs.
8) The vendor credits James Quirk.
9, 10, 12) The vendor credits Nicolas Joly, Vupen.
11) The vendor credits Felipe Andres Manzano via iSIGHT Partners Global Vulnerability Partnership.
13) The vendor credits Greg MacManus, iSIGHT Partners Labs.
14) Haifei Li, Fortinet's FortiGuard Labs.

Changelog
Further details available in Customer Area

Original Advisory
Adobe:
http://www.adobe.com/support/security/bulletins/apsb10-09.html

ZDI:
http://www.zerodayinitiative.com/advisories/ZDI-10-071/

TELUS Security Labs:
http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0203.html

Technical Analysis
Further details available in Customer Area

Alternate/detailed remediation
Further details available in Customer Area

Deep Links
Links available in Customer Area