Version 8.1.2 suffers from a stack buffer overflow when parsing some invalid PDF files.
The vulnerability is caused by a boundary error when parsing format strings containing a floating point specifier in a certain JavaScript function.
The vulnerability requires that users open a maliciously crafted PDF file thereby allowing attackers to gain access to vulnerable systems and assume the privileges of a user running Acrobat Reader.
Adobe Reader version 9, which was released in June 2008, is not vulnerable to the problem.
Adobe Acrobat 8 full of holes
By
Stewart Meagher
on Nov 6, 2008 6:23AM
