Adobe Reader Patch Fixes Remote-Control Vulnerability

November 05th, 2008 | Category: Tech Talk

Adobe Systems has released a safety measure fix to address eight major vulnerabilities in version 8.12 of its free Adobe Reader application. The flaw was first reported to Adobe five months ago.

Core safety measure Technologies on Tuesday issued an advisory disclosing the vulnerability, which could affect millions of individuals and businesses that use the popular PDF file-viewing software. Specifically, CoreLabs engineers discovered attackers could exploit Adobe Reader to gain access to vulnerable systems by using a specially crafted

PDF file with malicious JavaScript composition.

“As with many of today’s ubiquitous client-side applications, the sheer complexity of Adobe Reader makes a broad surface for potential vulnerabilities and, in that case, Adobe’s inclusion of a fully fledged JavaScript engine introduces the same types of implementation bugs commonly found in such sophisticated client-side programs,” said Ivan Arce, Core’s CTO.


Exploring the Flaw

Core discovered the Adobe flaw while investigating the […]

Orginal post by dhiram

Share and Enjoy: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Digg
  • del.icio.us
  • Netvouz
  • DZone
  • ThisNext
  • MisterWong
  • Wists
Related Articles
  • Adobe Flash Flaw Could Give Attackers Full Control
  • Patch Tuesday Includes Wireless Vulnerability
  • Microsoft Releases Out-of-Band Patch for IE
  • Patch Tuesday Fixes a Record 26 Vulnerabilities
  • Adobe, Oracle form Up for Light MS Patch Tuesday
  • Patch Tuesday Addresses Eight Critical Vulnerabilities
  • Patch Tuesday Light, But protection Fixes Are Critical
  • Light Patch Tuesday Release Fixes Serious Threats
  • June Patch Tuesday Addresses Bluetooth, Kill Bit
  • Patch Tuesday Plugs 12 Holes in Microsoft Office

    • No comments yet. Be the first.

    Leave a reply