GLSA Advocate
Joined: 12 May 2004 Posts: 2663
|
Posted: Fri Aug 19, 2005 3:08 pm Post subject: [ GLSA 200508-11 ] Adobe Reader: Buffer Overflow |
|
|
Gentoo Linux Security Advisory
Title: Adobe Reader: Buffer Overflow (GLSA 200508-11)
Severity: normal
Exploitable: remote
Date: August 19, 2005
Bug(s): #102730
ID: 200508-11
Synopsis
Adobe Reader is vulnerable to a buffer overflow which could potentially lead to execution of arbitrary code.
Background
Adobe Reader is a utility used to view PDF files.
Affected Packages
Package: app-text/acroread
Vulnerable: < 7.0.1.1
Unaffected: >= 7.0.1.1
Architectures: All supported architectures
Description
A buffer overflow has been reported within a core application plug-in, which is part of Adobe Reader.
Impact
An attacker may create a specially-crafted PDF file, enticing a user to open it. This could trigger a buffer overflow as the file is being loaded, resulting in the execution of arbitrary code.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Reader users should upgrade to the latest version: Code: | # emerge --sync
# emerge --ask --oneshot --verbose ">=app-text/acroread-7.0.1.1" |
References
CAN-2005-2470
Adobe Document 321644
Last edited by GLSA on Sat Apr 21, 2007 4:17 am; edited 5 times in total |
|