English
¢¸¢· µÚ·Î
Ãë¾àÁ¡ID 50066
À§Çèµµ 40
Æ÷Æ® 139,445
ÇÁ·ÎÅäÄÝ TCP
ºÐ·ù SMB
»ó¼¼¼³¸í ¿ø°Ý È£½ºÆ®¿¡ Adobe Reader 11.0.9 ÀÌÀü ¹öÀüÀÌ ¼³Ä¡µÇ¾î ÀÖÀ¸¸ç, ´ÙÁß Ãë¾àÁ¡ÀÌ Á¸ÀçÇÑ´Ù.

- A use-after-free ¿¡·¯°¡ Á¸ÀçÇØ ÀÓÀÇÀÇ Äڵ尡 ½ÇÇàµÉ ¼ö ÀÖ´Ù. (CVE-2014-0560)

- heap-based buffer overflow°¡ Á¸ÀçÇØ ÀÓÀÇÀÇ Äڵ尡 ½ÇÇàµÉ ¼ö ÀÖ´Ù. (CVE-2014-0561, CVE-2014-0567)

- memory corruption ¿¡·¯°¡ Á¸ÀçÇØ ¼­ºñ½º °ÅºÎ »óÅ¿¡ ºüÁú ¼ö ÀÖ´Ù. (CVE-2014-0563)

- Memory corruption ¿¡·¯°¡ Á¸ÀçÇØ ÀÓÀÇÀÇ Äڵ尡 ½ÇÇàµÉ ¼ö ÀÖ´Ù. (CVE-2014-0565, CVE-2014-0566)

- Á¤ÀǵÇÁö ¾ÊÀº ¿¡·¯°¡ Á¸ÀçÇØ sandbox º¸¾È Á¦¾à»çÇ×À» ¿ìȸÇÒ ¼ö ÀÖ´Ù. (CVE-2014-0568)

* ¾Ë¸²: ÀÌ Á¡°ËÇ׸ñÀº Á¡°ËÇϱâ À§ÇÑ È£½ºÆ®·Î ·Î±×ÀÎ ÇÒ ¼ö ÀÖ´Â °ü¸®ÀÚ ±ÇÇÑÀ» °¡Áø °èÁ¤À» ÇÊ¿ä·Î ÇÑ´Ù. ÀÌ·¯ÇÑ Á¶°ÇÀÌ ¾ÈµÇ¸é Á¡°ËÀ» ¼öÇàÇÒ ¼ö ¾øÀ¸¸ç ¸ðµç Ãë¾àÇÑ È£½ºÆ®µé¿¡ ´ëÇؼ­ °ÅÁþ À½¼º¹ÝÀÀ(False Negative)À» º¸ÀÏ ¼ö ÀÖ´Ù.

* Âü°í »çÀÌÆ®:
http://helpx.adobe.com/security/products/reader/apsb14-20.html

* ¿µÇâÀ» ¹Þ´Â Ç÷§Æû:
Adobe Reader 11.0.9 ÀÌÀüÀÇ ¹öÀüµé
Microsoft Windows Any version
Linux Any version
ÇØ°áÃ¥ ´ÙÀ½ Adobe º¸¾È °Ô½Ã¹°¿¡ ¼³¸íµÇ¾î ÀÖµíÀÌ Adobe ReaderÀÇ °¡Àå ÃֽŠ¹öÀü(11.0.9 ȤÀº ÀÌÈÄ)À¸·Î ¾÷±×·¹À̵å ÇÏ¿©¾ß ÇÑ´Ù:
http://helpx.adobe.com/security/products/reader/apsb14-20.html
°ü·Ã URL CVE-2014-0560,CVE-2014-0561,CVE-2014-0563,CVE-2014-0565,CVE-2014-0566,CVE-2014-0567,CVE-2014-0568 (CVE)
°ü·Ã URL 69823,69821,69826,69824,69825,69827,69828 (SecurityFocus)
°ü·Ã URL (ISS)