Security > Security Alerts & Briefings

Adobe Acrobat / Reader Plug-in Buffer Overflow Vulnerability

(1/1)

Corrine:
TITLE:  Adobe Acrobat / Reader Plug-in Buffer Overflow Vulnerability

SECUNIA ADVISORY ID:  SA16466
RELEASE DATE:  2005-08-16
LAST UPDATE:  2005-08-17
VERIFY ADVISORY:  http://secunia.com/advisories/16466/

CRITICAL:  Highly critical
WHERE:  From remote
IMPACT:  System access

SOFTWARE: 
Adobe Acrobat 5.x
Adobe Acrobat 6.x
Adobe Acrobat 7.x
Adobe Acrobat Reader 5.x
Adobe Reader 6.x
Adobe Reader 7.x

DESCRIPTION:  A vulnerability has been reported in Adobe Reader and Adobe Acrobat, which potentially can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to an unspecified boundary error in the core application plug-in and can be exploited to cause a buffer overflow when a specially crafted file is opened.

Successful exploitation may allow execution of arbitrary code.


SOLUTION:  Install updated version.

Adobe Reader (Windows or Mac OS):  Update to version 7.0.3 or 6.0.4.
Adobe Reader (Linux or Solaris):  Update to version 7.0.1.
Adobe Acrobat (Windows or Mac OS):  Update to version 7.0.3, 6.0.4, or 5.0.10.


REPORTED BY CREDITS:  Reported by vendor.
CHANGELOG:  2005-08-17: Added link to US-CERT vulnerability note.
ORIGINAL ADVISORY:  Adobe:  http://www.adobe.com/support/techdocs/321644.html

OTHER REFERENCES:  US-CERT VU#896220:  http://www.kb.cert.org/vuls/id/896220

Source:  http://secunia.com/advisories/16466/

Navigation

[0] Message Index