[virusinfo] Execution of remote code through Acrobat Reader - 4/25/05

• From: "Mike" <mikebike@xxxxxxxxx>
• To: virusinfo@xxxxxxxxxxxxx
• Date: Tue, 26 Apr 2005 14:10:44 -0700

From: Panda Oxygen3 24h-365d wrote:

"The more sand that has escaped from the hourglass of our life,
                    the clearer we should see through it"
                  Jean Paul (1763 - 1825), German novelist.

             - Execution of remote code through Acrobat Reader -
         Oxygen3 24h-365d, by Panda Software (http://www.pandasoftware.com)

Madrid, April 25, 2005 - Security Tracker has reported, at
http://www.securitytracker.com/alerts/2005/Apr/1013774.html,a vulnerability
in the well-known PDF reader, Adobe Acrobat Reader. This vulnerability
could allow a remote user to run arbitrary code.

To do this, the remote user would need to create a specially crafted PDF
file that, when loaded by Acrobat Reader, will trigger an
Invalid-ID-Handle-Error in 'AcroRd32.exe'. Values supplied by the attacker
could be written to certain memory locations and potentially executed.

As the problem has been reported recently, Adobe has not yet published an
update. For this reason, users are advised to be careful with PDF files
downloaded from dubious websites and to update the PDF reader as soon as
Adobe releases the update.

NOTE: The address above may not show up on your screen as a single line.
This would prevent you from using the link to access the web page. If this
happens, just use the 'cut' and 'paste' options to join the pieces of the
URL.
------------------------------------------------------------

The 5 viruses most frequently detected by Panda ActiveScan, Panda
Software's free online scanner:
1)Mhtredir.gen; 2)Qhost.AF; 3)Agent.PF; 4)Shinwow.E; 5)Downloader.BSU.

------------------------------------------------------------
To contact with Panda Software, please visit:
http://www.pandasoftware.com/about/contact/
------------------------------------------------------------

*********** MIKE"S REPLY SEPARATOR  ***********
Mike ~ It is a good day if I learned something new.
Editor MikesWhatsNews see a sample on my web page
http://www3.telus.net/mikebike
<mikeswhatsnews-request@xxxxxxxxxxxxx?Subject=subscribe>
http://www3.telus.net/mikebike/worm_removal.htm
See my Anti-Virus pages  http://virusinfo.hackfix.org/index
<virusinfo-request@xxxxxxxxxxxxx?Subject=subscribe>
A Technical Support Alliance  and OWTA Charter Member 

Other related posts:

• » [virusinfo] Execution of remote code through Acrobat Reader - 4/25/05

1. Home
2. virusinfo
3. Archive
4. 04-2005

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---