Security Advisory: Acrobat and Adobe Reader plug-in buffer overflow

Discussion in 'other security issues & news' started by NICK ADSL UK, Oct 15, 2005.

Thread Status:
Not open for further replies.

    NICK ADSL UK Administrator

    May 13, 2003
    Adobe has discovered a buffer overflow in Adobe Acrobat and Adobe Reader. This issue has been addressed and a product update is available to proactively mitigate potential malicious activity. Adobe always recommends that users keep their systems up to date and install the latest update of these applications.

    Effect: If the vulnerability were successfully exploited, the application could crash with an increased risk of arbitrary code execution.

    Details: The identified vulnerability is a buffer overflow within a core application plug-in which is part of Adobe Acrobat and Adobe Reader. If a malicious file were opened it could trigger a buffer overflow as the file is being loaded into Adobe Acrobat and Adobe Reader. A buffer overflow can cause the application to crash and increase the risk of malicious code execution.


    Adobe Reader on Windows or Mac OS:

    -- For version 7.0-7.0.2, users should utilize the product's automatic update facility. The default installation configuration runs automatic updates on a regular schedule, and can be manually activated by choosing Help > Check For Updates Now. Alternatively, the 7.0.5 update files can also be manually downloaded and installed from:

    Attached Files:

Thread Status:
Not open for further replies.