Wednesday, April 29, 2009

Adobe Reader security hole

Bookmark and Share

Adobe reader is prone to remote code execution vulnerability due to an error in the "getAnnots()" JavaScript function and exploiting it could allow someone to remotely execute code on the machine. Reader 8.1.4 and 9.1 for Linux are vulnerable; other versions or platforms may also be affected, according to securityfocus.com (Bugtraq ID #34736).

Users should disable JavaScript in Adobe Reader by navigating to Edit->Preferences->JavaScript->Uncheck enable Acrobat JavaScript as per US-CERT.

Check out Adobe blog post for their response.


No comments:

Post a Comment

Your valuable comments are welcome. (Comments will be moderated.)

 




Technology