[Vulnerable] Adobe Acrobat / Reader File Extension

Adobe Acrobat / Reader File Extension Buffer Overflow Vulnerability
http://secunia.com/advisories/12053/


Secunia Advisory: SA12053
Release Date: 2004-07-13

Critical: Moderately critical
Impact: System access
Where: From remote

Software: Adobe Acrobat 6.x
Adobe Reader 6.x

Choose a product and view comprehensive vulnerability statistics and
all Secunia advisories affecting it.

CVE reference: CAN-2004-0632

Description:
Greg MacManus has discovered a vulnerability in Adobe Acrobat /
Reader, which potentially can be exploited by malicious people to
compromise a user's system.

The vulnerability is caused due to a parsing and boundary error when
splitting filename paths into components. This causes a stack-based
buffer overflow when opening a file with an overly long, unhandled
file extension.

Successful exploitation requires that a user is tricked into opening a
malicious PDF document.

Solution:
Update to version 6.0.2.
http://www.adobe.com/support/techdocs/34222.htm

Provided and/or discovered by:
Greg MacManus, iDEFENSE.

Original Advisory:
http://www.idefense.com/applicat...?id6&type=vulnerabilities



Meritorios de Filtrado (Kill-File Global):
tella llop, jm (N.B. 2003.10.25)


«Prefiero molestar con la verdad que complacer con adulaciones (Lucio

Si quieres postear todas las parrafadas que postéas, al menos tradúcelas al
español. No sé si la jerarquía «es.» te dice algo.

No creo que sea normal que el 23% de los mensajes de
es.comp.os.ms-windows.misc sean tuyos, eso en mi pueblo se llama reventar el
grupo.



"Ille Corvus" escribió en el mensaje
news:
Mostrar la cita

Adobe Acrobat / Reader File Extension Buffer Overflow Vulnerability
http://secunia.com/advisories/12053/


Secunia Advisory: SA12053
Release Date: 2004-07-13

Critical: Moderately critical
Impact: System access
Where: From remote

Software: Adobe Acrobat 6.x
Adobe Reader 6.x

Choose a product and view comprehensive vulnerability statistics and
all Secunia advisories affecting it.

CVE reference: CAN-2004-0632

Description:
Greg MacManus has discovered a vulnerability in Adobe Acrobat /
Reader, which potentially can be exploited by malicious people to
compromise a user's system.

The vulnerability is caused due to a parsing and boundary error when
splitting filename paths into components. This causes a stack-based
buffer overflow when opening a file with an overly long, unhandled
file extension.

Successful exploitation requires that a user is tricked into opening a
malicious PDF document.

Solution:
Update to version 6.0.2.
http://www.adobe.com/support/techdocs/34222.htm

Provided and/or discovered by:
Greg MacManus, iDEFENSE.

Original Advisory:
http://www.idefense.com/applicat...?id6&type=vulnerabilities



Meritorios de Filtrado (Kill-File Global):
tella llop, jm (N.B. 2003.10.25)


«Prefiero molestar con la verdad que complacer con adulaciones (Lucio

Anneo Seneca)»

Si quieres postear todas las parrafadas que postéas, al menos tradúcelas

español. No sé si la jerarquía «es.» te dice algo.

No creo que sea normal que el 23% de los mensajes de
es.comp.os.ms-windows.misc sean tuyos, eso en mi pueblo se llama reventar

grupo.



"Ille Corvus" escribió en el mensaje
news:
Mostrar la cita

Adobe Acrobat / Reader File Extension Buffer Overflow Vulnerability
http://secunia.com/advisories/12053/


Secunia Advisory: SA12053
Release Date: 2004-07-13

Critical: Moderately critical
Impact: System access
Where: From remote

Software: Adobe Acrobat 6.x
Adobe Reader 6.x

Choose a product and view comprehensive vulnerability statistics and
all Secunia advisories affecting it.

CVE reference: CAN-2004-0632

Description:
Greg MacManus has discovered a vulnerability in Adobe Acrobat /
Reader, which potentially can be exploited by malicious people to
compromise a user's system.

The vulnerability is caused due to a parsing and boundary error when
splitting filename paths into components. This causes a stack-based
buffer overflow when opening a file with an overly long, unhandled
file extension.

Successful exploitation requires that a user is tricked into opening a
malicious PDF document.

Solution:
Update to version 6.0.2.
http://www.adobe.com/support/techdocs/34222.htm

Provided and/or discovered by:
Greg MacManus, iDEFENSE.

Original Advisory:
http://www.idefense.com/applicat...?id6&type=vulnerabilities



Meritorios de Filtrado (Kill-File Global):
tella llop, jm (N.B. 2003.10.25)


«Prefiero molestar con la verdad que complacer con adulaciones (Lucio

Anneo Seneca)»

je... es que es como un poco tonto... pero sin el como.

ademñas a los narcisos les gusta verse siempre ellos

Jose Manuel Tella Llop
MVP - Windows
(quitar XXX)
http://www.multingles.net/jmt.htm

Este mensaje se proporciona "como está" sin garantías de

This posting is provided "AS IS" with no warranties, and

You assume all risk for your use.




"CUBE" <@hotmail.com> wrote in message

Mostrar la cita

Si quieres postear todas las parrafadas que postéas, al

Mostrar la cita

español. No sé si la jerarquía «es.» te dice algo.

No creo que sea normal que el 23% de los mensajes de
es.comp.os.ms-windows.misc sean tuyos, eso en mi pueblo

Mostrar la cita

grupo.



"Ille Corvus" escribió en el mensaje
news:
Mostrar la cita

Adobe Acrobat / Reader File Extension Buffer Overflow

Mostrar la cita

Mostrar la cita

http://secunia.com/advisories/12053/


Secunia Advisory: SA12053
Release Date: 2004-07-13

Critical: Moderately critical
Impact: System access
Where: From remote

Software: Adobe Acrobat 6.x
Adobe Reader 6.x

Choose a product and view comprehensive vulnerability

Mostrar la cita

Mostrar la cita

all Secunia advisories affecting it.

CVE reference: CAN-2004-0632

Description:
Greg MacManus has discovered a vulnerability in Adobe

Mostrar la cita

Mostrar la cita

Reader, which potentially can be exploited by

Mostrar la cita

Mostrar la cita

compromise a user's system.

The vulnerability is caused due to a parsing and

Mostrar la cita

Mostrar la cita

splitting filename paths into components. This causes

Mostrar la cita

Mostrar la cita

buffer overflow when opening a file with an overly

Mostrar la cita

Mostrar la cita

file extension.

Successful exploitation requires that a user is

Mostrar la cita

Mostrar la cita

malicious PDF document.

Solution:
Update to version 6.0.2.
http://www.adobe.com/support/techdocs/34222.htm

Provided and/or discovered by:
Greg MacManus, iDEFENSE.

Original Advisory:
http://www.idefense.com/applicat...?

Mostrar la cita

Mostrar la cita

Meritorios de Filtrado (Kill-File Global):
tella llop, jm (N.B. 2003.10.25)


«Prefiero molestar con la verdad que complacer con

Mostrar la cita

Anneo Seneca)»

.