Security Advisory: Acrobat and Adobe Reader plug-in buffer overflow

Discussion in 'other security issues & news' started by NICK ADSL UK, Oct 15, 2005.

Thread Status:
Not open for further replies.
  1. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,495
    Location:
    UK
    Overview:
    Adobe has discovered a buffer overflow in Adobe Acrobat and Adobe Reader. This issue has been addressed and a product update is available to proactively mitigate potential malicious activity. Adobe always recommends that users keep their systems up to date and install the latest update of these applications.

    Effect: If the vulnerability were successfully exploited, the application could crash with an increased risk of arbitrary code execution.

    Details: The identified vulnerability is a buffer overflow within a core application plug-in which is part of Adobe Acrobat and Adobe Reader. If a malicious file were opened it could trigger a buffer overflow as the file is being loaded into Adobe Acrobat and Adobe Reader. A buffer overflow can cause the application to crash and increase the risk of malicious code execution.

    Recommendations:

    Adobe Reader on Windows or Mac OS:

    -- For version 7.0-7.0.2, users should utilize the product's automatic update facility. The default installation configuration runs automatic updates on a regular schedule, and can be manually activated by choosing Help > Check For Updates Now. Alternatively, the 7.0.5 update files can also be manually downloaded and installed from:http://www.adobe.com/products/acrobat/readstep2.html
     

    Attached Files:

Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.