The sooner these NX supporting CPUs come out, the better.. sheesh

Andrew
--o--
--- Begin Message ---
- From: Clearswift Threat Lab <threatnews@xxxxxxxxxxxxxxxxxxxxx>
- To: "Threat Lab News" <threatnews@xxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Tue, 13 Jul 2004 12:25:20 +0100
Dear Subscriber,

iDEFENSE have reported a buffer overflow in the Adobe Reader version 6.0.1 used to display the Portable Document Format (PDF) files.

http://www.idefense.com/application/poi/display?id=116&type=vulnerabilities

(if the line above wraps over a single line in your mail client, please cut and paste the entire URL into your browser)

An attacker can abuse this flaw to run arbitrary code remotely, with local privileges, simply by enticing the target user to attempt to open a PDF file, either on a web site or as an email attachment.

The attack uses a crafted filename, with embedded nulls and an over-long extension. When the Adobe Reader attempts to parse this filename, a stack based overflow occurs. Adobe Acrobat may also be vulnerable.

iDEFENSE discovered and reported this vulnerability to Adobe back in March. Adobe fixed the flaw in version 6.0.2, released 7 June 2004, but did not issue a vendor security advisory, merely referring to the issue as "Security update to further restrict malicious code execution." in the change log.

The official Adobe response - "Adobe Systems Incorporated recommends that users update to the latest release of Adobe Acrobat and the free Adobe Reader, version 6.0.2. Instructions and further information is available at: http://www.adobe.com/support/techdocs/34222.htm."

We recommend a timely upgrade of users to Adobe Reader version 6.0.2. It is simply a matter of time before this is exploited by the worm writers and those who have not patched will be liable to become infected.

Pete Simpson
ThreatLab Manager
CLEARSWIFT
The MIMEsweeper Company
--- End Message ---
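
An added example, not part of the forwarded advisory and not Clearswift or Adobe code: a gateway-side screen for the two filename traits the advisory names, embedded NULs and an over-long extension, applied to names taken from an attachment header or a URL. The function name, the 16-byte limit and the sample names are assumptions constructed for illustration.

```python
from urllib.parse import unquote_to_bytes

MAX_EXT_LEN = 16  # assumed policy limit; genuine extensions are a few bytes long


def screen_filename(raw):
    """Return the reasons to quarantine a filename; an empty list means clean.

    `raw` is the name as received (str or bytes), for example from a
    Content-Disposition header or the last path segment of a URL.
    """
    if isinstance(raw, str):
        data = raw.encode("utf-8", "surrogateescape")
    else:
        data = bytes(raw)
    # Decode percent-escapes so that %00 is caught as well as a literal NUL.
    data = unquote_to_bytes(data)

    reasons = []
    if b"\x00" in data:
        reasons.append("embedded NUL")

    # A C-string parser may stop at any NUL, so measure the extension of
    # every NUL-delimited segment rather than only the text after the last dot.
    longest = 0
    for segment in data.split(b"\x00"):
        _, dot, ext = segment.rpartition(b".")
        if dot:
            longest = max(longest, len(ext))
    if longest > MAX_EXT_LEN:
        reasons.append(f"extension of {longest} bytes exceeds {MAX_EXT_LEN}")
    return reasons


if __name__ == "__main__":
    # Constructed sample names, not taken from any real message.
    samples = [
        "invoice.pdf",
        b"report.pdf\x00." + b"A" * 300,
        "report.pdf%00.txt",
    ]
    for name in samples:
        verdict = screen_filename(name) or ["clean"]
        print(repr(name)[:40], "->", "; ".join(verdict))
```

Screening at the gateway only buys time for hosts still on 6.0.1; the fix the advisory recommends is the upgrade to 6.0.2.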