Affected Products: SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP1 ______________________________________________________________________________
An update that fixes three vulnerabilities is now available. It includes two new package versions.
Description:
Specially crafted PDF files could have caused a denial of service or have lead to the execution of arbitrary code in the context of the user running acroread:
* CVE-2012-0774, crafted fonts inside PDFs could allow attackers to cause an integer overflow, resulting in the possibility of arbitrary code execution * CVE-2012-0775, CVE-2012-0777: an issue in acroread's javascript API could allow attackers to cause a denial of service or potentially execute arbitrary code