SLAC Computer Security
Search SLAC

Computer Security News You Can Use (at Home too)

UPDATE ADOBE ACROBAT READER ON YOUR HOME COMPUTER ASAP!

Title: Acrobat Professional and Reader Vulnerability

 

Source:  iDefense Security Advisory 11.04.08

New vulnerability announced in Acrobat Professional and Reader which could allow an attacker to execute arbitrary code with the

privileges of the current user. The vulnerable code is an AcroJS function available to scripting code inside of a PDF document. This

function is used for HTTP authentication. By passing a long string to this function, it is possible to corrupt heap memory in such a

way that may lead to the execution of arbitrary code. Vulnerability can be found in Acrobat Professional and Adobe Reader version

8.1.2. Previous versions may also be affected.

 

More info:

http://labs.idefense.com/intelligence/vulnerabilities/

Owner: SLAC Computer Security
Last Updated: 07/22/2010
Feedback: Please send to
Computer Security Feedback