Gentoo Linux Security Advisory GLSA 200901-09 - Adobe Reader is vulnerable to execution of arbitrary code. An unspecified vulnerability can be triggered by a malformed PDF document, as demonstrated by 2008-HI2.pdf. Versions less than 8.1.3 are affected.
7718ca1fa5e950611e525de6e23a06d8b93c2bdb0e7de7e27cb253756f1cb639iDefense Security Advisory 11.04.08 - Remote exploitation of a heap corruption vulnerability in Adobe Systems Inc.'s Acrobat Professional and Reader could allow an attacker to execute arbitrary code with the privileges of the current user. The vulnerable code is an AcroJS function available to scripting code inside of a PDF document. This function is used for HTTP authentication. By passing a long string to this function, it is possible to corrupt heap memory in such a way that may lead to the execution of arbitrary code. iDefense has confirmed the existence of this vulnerability in Acrobat Professional and Adobe Reader version 8.1.2. Previous versions may also be affected.
a68c90f63ac9868f9aebc1ff546acd3970b4d2503d3f2a2ce5fdfbfa73f12e69iDefense Security Advisory 11.04.08 - Remote exploitation of a stack based buffer overflow vulnerability in NOS Microsystems Ltd.'s getPlus Download Manager, potentially used by multiple vendors, could allow an attacker to execute arbitrary code with the privileges of the current user. iDefense has confirmed the existence of this vulnerability in getPlus gp.ocx version 1.2.2.50, which is used in web based installations of Adobe Reader 8.1. Previous versions may also be affected.
f82cd5bb85b3a959d2c8d724ce4105aa767646e05a45b9d840a37588554309e9
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed