Adobe Acrobat and Reader JavaScript Method Code Execution Vulnerability
Last Update Date:
28 Jan 2011
Release Date:
20 Mar 2009
5147
Views
RISK: Medium Risk
A vulnerability has been identified in Adobe Reader and Acrobat, which could be exploited by attackers to compromise a vulnerable system. This issue is caused by an error whithin the processing of an unspecified JavaScript method, which could allow attackers to cause a vulnerable application to crash or execute arbitrary code by tricking a user into opening a specially crafted PDF file.
Impact
- Remote Code Execution
System / Technologies affected
- Adobe Reader versions prior to 9.1
- Adobe Reader versions prior to 8.1.3
- Adobe Reader versions prior to 7.1.1
- Adobe Acrobat Standard versions prior to 9.1
- Adobe Acrobat Pro versions prior to 9.1
- Adobe Acrobat Pro Extended versions prior to 9.1
- Adobe Acrobat versions prior to 8.1.3
- Adobe Acrobat versions prior to 7.1.1
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
- Upgrade to Adobe Reader and Acrobat version 9.1, 8.1.4 and 7.1.1 :
http://www.adobe.com/support/security/bulletins/apsb09-04.html
Vulnerability Identifier
Source
Share with