• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Adobe Acrobat Reader Email Message Remote Buffer Overflow Vulnerability

Solution:
The vendor has released an upgrade dealing with this issue. Please see the referenced vendor knowledgebase article.

Gentoo Linux has released an advisory (GLSA 200412-12) resolving this issue. All Adobe Acrobat Reader users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=app-text/acroread-5.10"

For more information, please see the referenced Gentoo Linux advisory.

Red Hat has released advisory RHSA-2004:674-07 to address this issue in Red Hat Enterprise Linux. Please see the advisory in Web references for more information.

SuSE Linux has released a summary report (SUSE-SR:2005:001) advising that this as well as other issues have been resolved. Please see the referenced advisory for more information.


Adobe Acrobat Reader (UNIX) 5.0.9

• Adobe Acrobat Reader for Unix 5.0.10
  http://www.adobe.com/support/downloads/product.jsp?product=10&platform =unix


• SuSE acroread-5.010-4.1.i586.rpm
  ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/acroread-5.010-4. 1.i586.rpm


• SuSE acroread-5.010-4.2.i586.rpm
  ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/acroread-5.010-4. 2.i586.rpm


• SuSE acroread-5.010-5.i586.rpm
  ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/acroread-5.010-5. i586.rpm


• SuSE acroread-5.010-5.i586.rpm
  ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/acroread-5.010-5. i586.rpm


• SuSE acroread-5.010-5.i586.rpm
  ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/acroread-5.010-5. i586.rpm