The "highly critical" bug, in versions 2.1 and earlier, is caused by the handling of section names when the application processes AOM files, according to Secunia. Attackers can exploit the flaw to cause a stack-based buffer overflow that could lead to the execution of arbitrary code, the vulnerability tracking firm said in an advisory.
In order for the attack to succeed, however, users must load a malicious Adobe file when visiting a website or through email, according to a company security bulletin released Tuesday.
In lieu of a fix, Adobe suggests users upgrade to Download Manager 2.2, which is not affected by the vulnerability. Download Manager is used to improve the downloading process of Adobe files.
In another bulletin released Tuesday, Adobe advised users to upgrade to Reader 8 to protect against bugs caused by memory corruption errors in the AcroPDF ActiveX Control. Hackers could exploit the vulnerabilities to take control of an affected system.
Click here to email Dan Kaplan.
_(33).jpg&h=140&w=231&c=1&s=0)
iTnews Cloud Covered Breakfast Summit
Live & Hands On Demo: Navigating the BMC AMI DevX Platform to Understand Code Faster Using AI
Melbourne Cloud & Datacenter Convention 2026
iTnews Executive Retreat - Data & AI Edition
The 2026 iAwards
_(1).jpg&h=140&w=231&c=1&s=0)
