Adobe Acrobat 8 full of holes

By on
Adobe Acrobat 8 full of holes

Users of version 8 of Adobe's ubiquitous PDF reader software should patch immediately to version 8.1.3 or upgrade to version 9 to prevent problems caused by serious flaws in the software.

Version 8.1.2 suffers from a stack buffer overflow when parsing some invalid PDF files.

The vulnerability is caused by a boundary error when parsing format strings containing a floating point specifier in a certain JavaScript function.

The vulnerability requires that users open a maliciously crafted PDF file thereby allowing attackers to gain access to vulnerable systems and assume the privileges of a user running Acrobat Reader.

Adobe Reader version 9, which was released in June 2008, is not vulnerable to the problem.
Got a news tip for our journalists? Share it with us anonymously here. (c) 2010 Incisive Media

Most Read Articles

Log In

  |  Forgot your password?