• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Adobe Acrobat and Reader Multiple Arbitrary Code Execution and Security Vulnerabilities

References:

• Adobe Reader 8 Homepage (Adobe)
  
• Adobe Reader 8.1.2 Release Notes (Adobe)
  
• Adobe Reader Download Page (Adobe)
  
• Attacking Embedded Languages (pablo.sole@immunityinc.com)
  
• Technical Cyber Security Alert TA08-043A (US-CERT)
  
• [Advisory Update]Adobe Reader/Acrobat Remote PDF (cocoruder)
  
• Adobe Acrobat Professional Javascript For PDF Security Feature Bypass and Memory (cocoruder)
  
• Adobe Reader/Acrobat Remote PDF Print Silently Vulnerability (cocoruder )
  
• iDefense Security Advisory 02.08.08: Adobe Reader and Acrobat JavaScript Insecur (iDefense Labs )
  
• iDefense Security Advisory 02.08.08: Adobe Reader and Acrobat Multiple Stack-bas (iDefense Labs )
  
• iDefense Security Advisory 02.08.08: Adobe Reader Security Provider Unsafe Libar (iDefense Labs )
  
• Malformed Acrobat Distiller 8 .joboptions ("Paul Craig" )
  
• Adobe Reader and Acrobat JavaScript Insecure Method Exposure Vulnerability (iDefense)
  
• Adobe Reader and Acrobat Multiple Stack-based Buffer Overflow Vulnerabilities (iDefense)
  
• Adobe Reader Security Provider Unsafe Libary Path Vulnerability (iDefense)
  
• APSA08-01 Security update available for Adobe Reader and Acrobat 8 (Adobe)
  
• APSB08-13 Security Updates available for Adobe Reader and Acrobat 7 and 8 (Adobe)
  
• ASA-2008-281 Multiple Security Vulnerabilities in the Adobe Reader may lead to E (Avaya)
  
• Malformed .joboptions File Effecting Adobe Acrobat Distiller v8 (Security-Assessment.com)
  
• Nortel response to Adobe Advisory APSB08-13 (Nortel Networks)
  
• Nortel Response to Adobe Reader Vulnerabilities (APSA08-01) (Nortel Networks)
  
• RHSA-2008:0144-5 acroread security update (Red Hat)
  
• Solution 239286: Multiple Security Vulnerabilities in the Adobe Reader may lead (Sun Microsystems)
  
• Vulnerability Note VU#140129 Adobe Reader EScript.api arbitrary code execution (US-CERT)
  
• Vulnerability Note VU#666281 Adobe JavaScript methods buffer overflow vulnerabil (US-CERT)
  
• ZDI-08-004 Adobe Acrobat Javascript for PDF Integer Overflow Vulnerability (ZDI)