Adobe Reader/acrobat Javascript Method Handling Vulnerability

[TCH-Thomas]

From:

Secunia (secunia.com/advisories/30832/)

 

Rating:

Highly critical

 

Description:

A vulnerability has been reported in Adobe Reader/Acrobat, which potentially can be exploited by malicious people to compromise a user's system.

 

The vulnerability is caused due to an error in the implementation of an unspecified JavaScript method and can be exploited to cause a crash or potentially execute arbitrary code via a specially crafted PDF file.

 

NOTE: The vulnerability is reportedly being exploited in the wild.

 

The vulnerability is reported in the following products and versions:

* Adobe Reader versions 8.0 through 8.1.2

* Adobe Reader versions 7.0.9 and earlier

* Adobe Acrobat Professional, 3D and Standard versions 8.0 through 8.1.2

* Adobe Acrobat Professional, 3D and Standard versions 7.0.9 and earlier

 

Solution:

Adobe Reader 8 for Windows:

Update to Adobe Reader 8.1.2 Security Update 1.

adobe.com/support/downloads/detail.jsp?ftpID=3967

 

Adobe Reader 8 for Macintosh:

Update to Adobe Reader 8.1.2 Security Update 1.

adobe.com/support/downloads/detail.jsp?ftpID=3966

 

Acrobat 8 for Windows:

Update to Acrobat 8.1.2 Security Update 1.

adobe.com/support/downloads/detail.jsp?ftpID=3976

 

Acrobat 8 for Macintosh:

Update to Acrobat 8.1.2 Security Update 1.

adobe.com/support/downloads/detail.jsp?ftpID=3977

 

Acrobat 3D Version 8 for Windows:

Update to Acrobat 3D Version 8.1.2 Security Update 1.

adobe.com/support/downloads/detail.jsp?ftpID=3975

 

Adobe Reader 7.0 through 7.0.9:

Upgrade to Adobe Reader 7.1.0.

adobe.com/go/getreader

 

Acrobat 7 for Windows:

Update to Acrobat 7.1.0.

adobe.com/support/downloads/product.jsp?product=1&platform=Windows

 

Acrobat 7 for Macintosh:

Update to Acrobat 7.1.0.

adobe.com/support/downloads/product.jsp?product=1&platform=Macintosh

[TCH-Bruce]

Thanks Thomas

 

Another reason to use Foxit Reader