Adobe has warned of a serious flaw affecting one of the most widely distributed client applications, Acrobat Reader. The flaw
leaves users open to attack via maliciously crafted PDF files, which can be spread via e-mail attachment Web page links, and
can be used to take control of a system.
"Remote exploitation of a buffer overflow in Adobe Acrobat Reader for Unix could allow an attacker to execute arbitrary code,"
said security firm iDefense, which discovered the flaw, in an advisory.
A number of bugs in Acrobat Reader have emerged in recent weeks, but none were particularly serious. The last serious flaw
to affect Acrobat Reader was in December 2004, when Acrobat Reader 5.x and 6.x were hit by several vulnerabilities allowing
remote attackers to execute malicious code.
The flaw affects Acrobat Reader 5.x for Unix and Linux, which has a large installed base despite the availability of newer
versions. PDF is widely used as a platform-independent file format, and unlike Microsoft Office document formats, has full
support on Unix and Linux.
The bug is in the function UnixAppOpenFilePerform(), which is called by Acrobat Reader while opening certain documents, iDefense
said. User-supplied data is copied into a fixed-sized stack buffer, which leads to a stack-based buffer overflow and the execution
of arbitrary code, iDefense said. A remote attacker can easily choose data to exploit the hole without needing to know stack
addresses, said the firm.
The bug is made somewhat less dangerous by the fact that two error messages appear before the exploit takes effect, but closing
the message windows doesn't stop the attack from taking place, iDefense said.
IDefense and Adobe recommended caution when opening attachments or following links, and said users should upgrade to an unaffected
version, such as Acrobat Reader 7.0.
E-mail
Printer Friendly
Reprints
(InfoWorld) - In the litigious world we live in, deploying a unified communications platform in your enterprise could...
