November 5, 2008

Critical vulnerability in Adobe Reader

Author: JT Smith

Core Security Technologies issued an advisory disclosing a vulnerability that could affect millions of individuals and businesses using Adobeââ¬â¢s Reader PDF file viewing software. Engineers from CoreLabs determined that Adobe Reader could be exploited to gain access to vulnerable systems via the use of a specially crafted PDF file with malicious JavaScript content. Successful exploitation of the vulnerability requires that users open a maliciously crafted PDF file thereby allowing attackers to gain access to vulnerable systems and assume the privileges of a user running Acrobat Reader. Adobe Reader version 9, which was released in June 2008, is not vulnerable to the reported problem.

Link: net-security.org

Category:

  • Security
Click Here!