How do you do the solution? Al Marquardt ampm@xxxxxxx Al Marquardt Electronic Repair 206 W Main Girardville Pa. 17935 ----- Original Message ----- From: "Doug Keller" <dek@xxxxxxxxxxxxxx> To: <techassist@xxxxxxxxxxxxx> Sent: Wednesday, October 13, 2004 11:42 AM Subject: [TechAssist] Vulnerability in Adobe Acrobat/Adobe Reader, Disclosure of Sensitive Information > **Information purposes only - DO NOT REPLY!! > > > Subject: [SA12809] Adobe Acrobat / Adobe Reader Disclosure of Sensitive > Information > > TITLE: > Adobe Acrobat / Adobe Reader Disclosure of Sensitive Information > > SECUNIA ADVISORY ID: > SA12809 > > VERIFY ADVISORY: > http://secunia.com/advisories/12809/ > > CRITICAL: > Moderately critical > > IMPACT: > Exposure of sensitive information > > WHERE: >>From remote > > SOFTWARE: > Adobe Reader 6.x > http://secunia.com/product/1810/ > Adobe Acrobat 6.x > http://secunia.com/product/1809/ > > DESCRIPTION: > A vulnerability in Adobe Acrobat and Adobe Reader, which > can be exploited by malicious people to disclose > sensitive information. > > The problem is that embedded Macromedia flash files are executed in a > local context. This can be exploited to read local files by embedding > a specially crafted flash file in a PDF file located on e.g. a > malicious web site. > > The vulnerability has been confirmed on Adobe Reader 6.01 and 6.02 > for Windows. > > SOLUTION: > Disable Javascript in Adobe Acrobat and Adobe Reader. > > > > > > > > -- > Doug Keller > Wis-Kel Electronics > 101 Freeland Ave. > Terra Alta, WV > USA 26764 > dek@xxxxxxxxxxxxxx > dek@xxxxxxxxxxxxxxx > http://www.tech-assist.org > "Learn from the mistakes of others, because you > won't live long enough to make them all yourself" > > > > > ----------------------------------------------------------------------------- > Lost Password: > http://www.tech-assist.org and select "Login Problems?". > Email Archives: > //www.freelists.org/archives/techassist/ > > ----------------------------------------------------------------------------- Lost Password: http://www.tech-assist.org and select "Login Problems?". Email Archives: //www.freelists.org/archives/techassist/