Adobe has released security updates for Adobe Reader and Acrobat for Windows and Macintosh. These updates address vulnerabilities that could potentially allow an attacker to take over the affected system. Adobe recommends users update their product installations to the latest versions:
Users of Adobe Reader X (10.1.13) and earlier versions should update to version 10.1.14.
Users of Adobe Acrobat XI (11.0.10) and earlier versions should update to version 11.0.11.
Users of Adobe Acrobat X (10.1.13) and earlier versions should update to version 10.1.14.
These updates resolve use-after-free vulnerabilities that could lead to code execution (CVE-2015-3053, CVE-2015-3054, CVE-2015-3055, CVE-2015-3059, CVE-2015-3075).
These updates resolve heap-based buffer overflow vulnerabilities that could lead to code execution (CVE-2014-9160).
These updates resolve a buffer overflow vulnerability that could lead to code execution (CVE-2015-3048).
These updates resolve memory corruption vulnerabilities that could lead to code execution (CVE-2014-9161, CVE-2015-3046, CVE-2015-3049, CVE-2015-3050, CVE-2015-3051, CVE-2015-3052, CVE-2015-3056, CVE-2015-3057, CVE-2015-3070, CVE-2015-3076).
These updates resolve a memory leak (CVE-2015-3058).
These updates resolves a null-pointer dereference issue that could lead to a denial-of-service condition (CVE-2015-3047).
These updates provide additional hardening to protect against CVE-2014-8452, a vulnerability in the handling of XML external entities that could lead to information disclosure.