-
-
A JavaScript Buffer Overflow in Adobe Acrobat, Acrobat 3D & Reader allowed remote attacker to execute arbitrary code. The code will run with the privileges of the target user opening the PDF document. Excerpt from iDefense Public Advisory;
Adobe Reader and Acrobat implement a version of JavaScript in the EScript.api plug-in which is based on the reference implementation used in Mozilla products. One of the methods exposed allows direct control over low level features of the object, which in turn allows execution of arbitrary code.
Workaround
Disabled Adobe Reader & Acrobat JavaScript. Perform Update ↓
Update -Adobe Acrobat & Reader version 8.1.2
Adobe released version 8.1.2 of Adobe Reader, Acrobat & Acrobat 3D to address
these vulnerabilities.- Adobe Reader 7 and 8 users update to Adobe Reader 8.1.2
- Acrobat 8 users on Windows update to Acrobat 8.1.2
- Acrobat 8 users on Macintosh update to Acrobat 8.1.2
- Acrobat 3D version 8 users on Windows update to Acrobat 3D version 8.1.2
These vulnerabilities were discovered by Greg MacManus of VeriSign iDefense Labs.
Related Posts
External Links
-
- February 9, 2008 at 2:35 pm
- March 4, 2008 at 6:00 pm
- 0.3
- url
-
-
-
No Responses to “Adobe Acrobat, Acrobat 3D & Reader Multiple Vulnerabilities”
Trackback URL: Use the TrackBack url ↑ to ping this article. If your blog does not support Trackbacks you might want to leave a comment instead.
-
-
"write as if you were talking to a good friend (in front of your mother)."
.haveyoursay
Disclaimer: For any content that you post, you hereby grant to Kakkoi the royalty-free, irrevocable, perpetual, exclusive and fully sublicensable license to use, reproduce, modify, adapt, publish, translate, create derivative works from, distribute, perform and display such content in whole or in part, world-wide and to incorporate it in other works, in any form, media or technology now known or later developed. Some rights reserved.
-
The following "Code" are designed to protect you and other users of this site.
In order to keep these experiences enjoyable and interesting for all of our users, we ask that you follow the above guidlines.
be the first to comment.