Adobe Reader and Acrobat Unspecified Code Execution Vulnerability

Last Update Date: 28 Jan 2011 Release Date: 15 Dec 2009 4457 Views

RISK: Medium Risk

Medium Risk

A vulnerability has been identified in Adobe Reader and Acrobat, which could be exploited by remote attackers to compromise a vulnerable system. This issue is caused by an unspecified memory corruption error, which could be exploited by attackers to execute arbitrary code by tricking a user into opening a specially crafted PDF file.

Note: This vulnerability is currently being exploited in the wild.

Impact

  • Remote Code Execution

System / Technologies affected

  • Adobe Reader version 9.2 and prior
  • Adobe Acrobat version 9.2 and prior

Solutions

Note: There is no patch available for this vulnerability currently.

Do not open untrusted PDF files.

Do not visit untrusted websites or follow untrusted links.

Workaround:

  • Disable JavaScript support.

    Edit -> Preferences -> JavaScript and uncheck Enable Acrobat JavaScript

    • Vulnerability Identifier

    Source

    Related Link

    Share with

    Previous

    Sun Solaris Gnome PDF Viewer Multiple Vulnerabilities

    15 Dec 2009 4597 Views

    Next

    Mozilla Products Multiple Vulnerabilities

    17 Dec 2009 4481 Views

    We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

    PRIVACY POLICY