Jump to content
xisto Community
Sign in to follow this  
Saint_Michael

Adobe Acrobat Hackable meaing planting of viruses and what not

Recommended Posts

Adobe has warned of a serious flaw affecting one of the most widely distributed client applications, Acrobat Reader. The flaw leaves users open to attack via maliciously crafted PDF files, which can be spread via e-mail attachments web page links, and can be used to take control of a system.

"Remote exploitation of a buffer overflow in Adobe Acrobat Reader for    Unix could allow an attacker to execute arbitrary code," says security firm IDefense, which discovered the flaw, in an advisory.


A number of bugs in Acrobat Reader have emerged in recent weeks, but none were particularly serious. The last serious flaw to affect Acrobat Reader was in December 2004, when Acrobat Reader 5.x and 6.x were hit by several vulnerabilities allowing remote attackers to execute malicious code.

Affected Versions

The flaw affects Acrobat Reader 5.x for Unix and    Linux, which has a large installed base despite the availability of newer versions. PDF is widely used as a platform-independent file format, and unlike Microsoft Office document formats, has full support on Unix and Linux.


The bug is in the function UnixAppOpenFilePerform(), which is called by Acrobat Reader while opening certain documents, IDefense says. User-supplied data is copied into a fixed-sized stack buffer, which leads to a stack-based buffer overflow and the execution of arbitrary code, IDefense says. A remote attacker can easily choose data to exploit the hole without needing to know stack addresses, says the firm.


The bug is made somewhat less dangerous by the fact that two error messages appear before the exploit takes effect, but closing the message windows doesn't stop the attack from taking place, IDefense says.


IDefense and Adobe recommended caution when opening attachments or following links, and says users should upgrade to an unaffected version, such as Acrobat Reader 7.0.


Share this post


Link to post
Share on other sites

Well, Adobe PDFs are still safer on Windows than MS Word DOCs. Although, personally, I prefer Rich Text Format (RTF).

Share this post


Link to post
Share on other sites

well I dont use PDF files too much anyways either than if its a guide on how to use a program such as Flash 8, or photoshop. I'll also use it to view pdf's on the net via google. only the top ones tho. so its no apparent threat to me.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×
×
  • Create New...

Important Information

Terms of Use | Privacy Policy | Guidelines | We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.