Adobe Security Bulletin

Security update available for RoboHelp

Release date: October 8, 2013

Vulnerability identifier: APSB13-24

Priority: 3

CVE number: CVE-2013-5327

Platforms: Windows

Summary

Adobe has released a security update for RoboHelp 10 for Windows.  This update addresses a vulnerability that could allow an attacker, who successfully exploits this vulnerability, to run malicious code on the affected system.  Adobe recommends users of RoboHelp 10 apply the solution using the instructions provided in the "Solution" section below.

Affected Versions

Product Affected Versions Platform
RoboHelp 10 and earlier versions Windows

Solution

Adobe categorizes this hotfix with the following priority rating and recommends users update their installations to the newest versions:

Product Platform Priority rating
RoboHelp Windows 3

Adobe recommends users of RoboHelp 10 apply the fix using the instructions below:
Backup the MDBMS.dll file:

  1. Browse to the RoboHTML folder - the default location is %ProgramFiles%\Adobe\RoboHelp 10\RoboHTML\
  2. Rename MDBMS.dll to MDBMS.old

Install the update:

  1. Download the APSB13-24.zip file
  2. Move MDBMS.dll from the extracted location to %ProgramFiles%\Adobe\RoboHelp 10\RoboHTML\

Download

Vulnerability Details

This update resolves a vulnerability that could lead to remote code execution (CVE-2013-5327).

Acknowledgements

Adobe would like to thank Jeremy Brown at Microsoft and Microsoft Vulnerability Research (CVE-2013-5327) for reporting this issue and for working with Adobe to help protect our customers.