[º¸¾È´º½º ±è°æ¾Ö] ¾îµµºñ(Adobe)»ç´Â Acrobat DC/Reader DC ¹× XI¿¡¼ ¹ß»ýÇÏ´Â Ãë¾àÁ¡À» ÇØ°áÇÑ º¸¾È ¾÷µ¥ÀÌÆ® 17°³¸¦ ¹ßÇ¥Çß´Ù. µû¶ó¼ ³·Àº ¹öÀü »ç¿ëÀÚ´Â ¾Ç¼ºÄÚµå °¨¿°¿¡ Ãë¾àÇÒ ¼ö ÀÖ¾î ÇØ°á¹æ¾È¿¡ µû¶ó ÃֽŠ¹öÀüÀ¸·Î ¾÷µ¥ÀÌÆ®ÇÏ´Â °ÍÀÌ ¹Ù¶÷Á÷ÇÏ´Ù.
Adobe AcrobatÀÇ 17°³ Ãë¾àÁ¡Àº ´ÙÀ½°ú °°´Ù.
¡âÀÓÀÇÄÚµå ½ÇÇàÀ¸·Î À̾îÁú ¼ö ÀÖ´Â use-after-free Ãë¾àÁ¡(CVE-2016-0932, CVE-2016-0934, CVE-2016-0937, CVE-2016-0940, CVE-2016-0941)
¡âÀÓÀÇÄÚµå ½ÇÇàÀ¸·Î À̾îÁú ¼ö ÀÖ´Â double-free Ãë¾àÁ¡(CVE-2016-0935)
¡âÀÓÀÇÄÚµå ½ÇÇàÀ¸·Î À̾îÁú ¼ö ÀÖ´Â ¸Þ¸ð¸® ¼Õ»ó Ãë¾àÁ¡(CVE-2016-0931, CVE-2016-0933, CVE-2016-0936, CVE-2016-0938, CVE-2016-0939, CVE-2016-0942, CVE-2016-0944, CVE-2016-0945, CVE-2016-0946)
¡âJavascript API ½ÇÇàÀ¸·Î À̾îÁú ¼ö ÀÖ´Â ¿ìȸ Ãë¾àÁ¡(CVE-2016-0943)
¡âµð·ºÅ丮 °Ë»ö °æ·Î¿¡¼ ÀÓÀÇ ÄÚµå ½ÇÇàÀÌ µÇ´ø Ãë¾àÁ¡ (CVE-2016-0947)
¿µÇâÀ» ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î´Â Adobe Acrobat DC/Reader DC, Acrobat XI, Reader XIÀ̸ç, ´ÙÀ½°ú °°´Ù.
ÀÌ¿¡ µû¶ó Adobe Acrobat DC »ç¿ëÀÚ´Â À©µµ¿ìÁî, ¸Æ ȯ°æÀÇ Adobe Acrobat DC »ç¿ëÀÚÀÇ °æ¿ì 15.010.20056¹öÀü ¶Ç´Â 15.006.30119¹öÀüÀ¸·Î ¾÷µ¥ÀÌÆ®¸¦ Àû¿ëÇÏ´Â °ÍÀÌ ¹Ù¶÷Á÷ÇÏ´Ù. ¶ÇÇÑ, Adobe Flash Player Download Center(http://www.adobe.com/go/getflash)¿¡ ¹æ¹®ÇØ ÃֽŠ¹öÀüÀ» ¼³Ä¡Çϰųª ÀÚµ¿ ¾÷µ¥ÀÌÆ®¸¦ ÀÌ¿ëÇØ ¾÷±×·¹À̵åÇÏ¸é µÈ´Ù.
À©µµ¿ìÁî, ¸Æ ȯ°æÀÇ Adobe Acrobat Reader DC »ç¿ëÀÚ´Â 15.010.20056¹öÀü ¶Ç´Â 15.006.30119¹öÀüÀ¸·Î ¾÷µ¥ÀÌÆ®¸¦ Àû¿ëÇÏ°í, Adobe Flash Player Download Center(http://www.adobe.com/go/getflash)¿¡ ¹æ¹®ÇØ ÃֽŠ¹öÀüÀ» ¼³Ä¡ÇÏ¸é µÈ´Ù.
À©µµ¿ìÁî, ¸Æ ȯ°æÀÇ Adobe Acrobat XI »ç¿ëÀÚ´Â 11.0.14¹öÀüÀ¸·Î ¾÷µ¥ÀÌÆ® Àû¿ëÇÏ°í, Adobe Flash Player Download Center(http://www.adobe.com/go/getflash)¿¡ ¹æ¹®ÇØ ÃֽŠ¹öÀüÀ» ¼³Ä¡Çϰųª, ÀÚµ¿ ¾÷µ¥ÀÌÆ®¸¦ ÀÌ¿ëÇÏ¿© ¾÷±×·¹À̵åÇØ¾ß ÇÑ´Ù.
À©µµ¿ìÁî, ¸Æ ȯ°æÀÇ Adobe Reader XI »ç¿ëÀÚ´Â 11.0.14¹öÀüÀ¸·Î ¾÷µ¥ÀÌÆ®ÇØ Àû¿ëÇÏ°í, Adobe Flash Player Download Center(http://www.adobe.com/go/getflash)¿¡ ¹æ¹®ÇØ ÃֽŠ¹öÀüÀ» ¼³Ä¡Çϰųª, ÀÚµ¿ ¾÷µ¥ÀÌÆ®¸¦ ÀÌ¿ëÇØ ¾÷±×·¹À̵åÇØ¾ß ÇÑ´Ù.
Adobe Acrobat X¿Í Adobe Reader X´Â ´õ ÀÌ»óÀÇ º¸¾È ÆÐÄ¡¸¦ Áö¿øÇÏÁö ¾ÊÀ¸¹Ç·Î »ç¿ëÀÚµéÀº Adobe Acrobat DC ¹× Adobe Acrobat Reader DC ÃֽŠ¹öÀüÀ¸·Î ¾÷±×·¹À̵åÇÏ´Â °ÍÀÌ ¹Ù¶÷Á÷ÇÏ´Ù.
Á»´õ ÀÚ¼¼ÇÑ »çÇ×Àº Çѱ¹ÀÎÅͳÝÁøÈï¿ø ÀÎÅͳÝħÇØ´ëÀÀ¼¾ÅÍ¿¡ ¹®ÀÇ(±¹¹ø ¾øÀÌ 118)ÇÏ¸é µÈ´Ù.
[Âü°í»çÀÌÆ®]
[1] https://helpx.adobe.com/security/products/acrobat/apsb16-02.html
[¿ë¾î Á¤¸®]
Double Free Ãë¾àÁ¡: ƯÁ¤ Èü ¿µ¿ªÀ» µÎ¹ø ÇØÁ¦½ÃÄÑ ¸Þ¸ð¸® Æ÷ÀÎÅ͸¦ Á¶ÀÛÇÒ ¼ö ÀÖ´Â Ãë¾àÁ¡
Use-After-Free Ãë¾àÁ¡: ¼ÒÇÁÆ®¿þ¾î ±¸Çö ½Ã µ¿Àû ȤÀº Á¤ÀûÀ¸·Î ÇÒ´çµÈ ¸Þ¸ð¸®¸¦ ÇØÁ¦ÇßÀ½¿¡µµ ºÒ±¸ÇÏ°í À̸¦ °è¼Ó ÂüÁ¶(»ç¿ë)ÇÏ¿© ¹ß»ýÇÏ´Â Ãë¾àÁ¡
[±è°æ¾Ö ±âÀÚ(boan3@boannews.com)]
<ÀúÀÛ±ÇÀÚ: º¸¾È´º½º(www.boannews.com) ¹«´ÜÀüÀç-Àç¹èÆ÷±ÝÁö>