Adobe Repairs Reader, Acrobat Flaws

Posted by: Spyrios

Adobe Repairs Reader, Acrobat Flaws - 12/17/04 05:05 PM

Adobe this week updated its Acrobat and Reader software to fix vulnerabilities spotted by security intelligence firm iDefense.
Adobe this week updated its Acrobat and Reader software to fix vulnerabilities spotted by Reston, Vir.-based security intelligence firm iDefense.

On Tuesday, iDefense released an alert saying that Adobe Acrobat Reader 6.0.2 (and possibly earlier versions as well) could be hacked through the parsing of the .etd files used in eBook transactions. A successful attack could plant malicious code on the victim PC or Mac.

Adobe confirmed that bug, as well as two others -- one that might let malicious Flash code play in a PDF file, the second a vulnerability in the Acrobat/Reader PNG library -- and posted updated software to fix all three.

In reporting the Adobe vulnerabilities, Danish security firm Secunia tagged them with its highest warning: "Highly critical."

All users of either the Windows and Mac OS X editions of Adobe Reader and Adobe Acrobat should update to 6.0.3 "as a proactive measure," said Adobe in its online advisory.

As far as Adobe knows, no exploits of these vulnerabilities have taken place.

View Source Here Information Week