Adobe Reader X Sandbox Bypass Vulnerability
Sep 13, 2011

Summary:
========
Fortinet's FortiGuard Labs has discovered a sandbox bypass vulnerability 
in Adobe Reader X.

Impact:
=======
Local Privilege Escalation.

Risk:
=====
Critical

Affected Software:
==================
For a list of product versions affected, please see the Adobe Security 
Bulletin reference below.

Additional Information:
=======================
By successfully leveraging a sandbox bypass vulnerability in Adobe 
Reader X, a malicious code could escape out of the sandbox resulting in 
privilege escalation.

References:
========
FortiGuard Advisory: https://www.fortiguard.com/advisory/FGA-2011-30.html
Adobe Security Bulletin Summary for September 13, 
2011:https://www.adobe.com/support/security/bulletins/apsb11-24.html
CVE ID: CVE-2011-1353

Solutions:
=======
Users should apply the solution provided by Adobe.

Acknowledgment:
==============
Zhenhua Liu of Fortinet's FortiGuard Labs



***  Please note that this message and any attachments may contain confidential 
and proprietary material and information and are intended only for the use of 
the intended recipient(s). If you are not the intended recipient, you are hereby 
notified that any review, use, disclosure, dissemination, distribution or copying 
of this message and any attachments is strictly prohibited. If you have received 
this email in error, please immediately notify the sender and destroy this e-mail 
and any attachments and all copies, whether electronic or printed.
Please also note that any views, opinions, conclusions or commitments expressed 
in this message are those of the individual sender and do not necessarily reflect 
the views of Fortinet, Inc., its affiliates, and emails are not binding on 
Fortinet and only a writing manually signed by Fortinet's General Counsel can be 
a binding commitment of Fortinet to Fortinet's customers or partners. Thank you. ***