Security Advisory: Buffer overflow vulnerability in Adobe Reader (Linux, Solaris, HP-UX, IBM-AIX) Advisory Name: Buffer overflow vulnerability in Adobe Reader Release Date: July 05, 2005 Product: Adobe Reader 5.0.9, 5.0.10 Platform: Linux, Solaris, HP-UX, IBM-AIX Vulnerability Identifier: CAN-2005-1625 Overview: A vulnerability within Adobe Reader has been identified. Under certain circumstances, remote exploitation of a buffer overflow in Adobe Reader could allow an attacker to execute arbitrary code. Adobe has solutions available that can rectify these issues. Please refer to the "Recommendations" section for further information. Effect: If exploited, it could allow the execution of arbitrary code under the privileges of the local user. Remote exploitation is possible if the malicious PDF document is sent as an email attachment or if the PDF document is accessed via a web link. Details: The vulnerability is within the Adobe Reader control. Under special circumstances, if a malicious PDF file is opened using Adobe Reader, a stack buffer overflow could occur resulting in the execution of arbitrary code.
More in http://www.adobe.com/support/techdocs/329083.html Regards Ludi -- America/Brazil GMT -3 Ubuntu Linux 5.04 -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available Url : http://nashi.altmuehlnet.de/pipermail/scribus/attachments/20050707/b4f4cf31/attachment.pgp
