[Scribus] Warning: Buffer overflow vulnerability in Adobe Reader
Ludi Maciel
iludi
Fri Jul 8 00:01:05 CEST 2005
Security Advisory: Buffer overflow vulnerability in Adobe Reader (Linux,
Solaris, HP-UX, IBM-AIX)
Advisory Name: Buffer overflow vulnerability in Adobe Reader
Release Date: July 05, 2005
Product: Adobe Reader 5.0.9, 5.0.10
Platform: Linux, Solaris, HP-UX, IBM-AIX
Vulnerability Identifier: CAN-2005-1625
Overview: A vulnerability within Adobe Reader has been identified. Under
certain circumstances, remote exploitation of a buffer overflow in Adobe
Reader could allow an attacker to execute arbitrary code.
Adobe has solutions available that can rectify these issues. Please refer to
the "Recommendations" section for further information.
Effect: If exploited, it could allow the execution of arbitrary code under the
privileges of the local user. Remote exploitation is possible if the
malicious PDF document is sent as an email attachment or if the PDF document
is accessed via a web link.
Details: The vulnerability is within the Adobe Reader control. Under special
circumstances, if a malicious PDF file is opened using Adobe Reader, a stack
buffer overflow could occur resulting in the execution of arbitrary code.
More in http://www.adobe.com/support/techdocs/329083.html
Regards
Ludi
--
America/Brazil GMT -3
Ubuntu Linux 5.04
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://nashi.altmuehlnet.de/pipermail/scribus/attachments/20050707/b4f4cf31/attachment.pgp
More information about the scribus
mailing list