Adobe Reader / Acrobat Font Parsing Buffer Overflow Vulnerability

ERCOLINO

Secunia Advisory SA41340

Release Date: 2010-09-08



Criticality level: Extremely critical

Impact: System access
Where: From remote

Solution Status: Unpatched



Software:
Adobe Acrobat 8.x
Adobe Acrobat 9.x
Adobe Reader 8.x
Adobe Reader 9.x

Description
A vulnerability has been discovered in Adobe Reader, which can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to a boundary error within the font parsing in CoolType.dll and can be exploited to cause a stack-based buffer overflow by e.g. tricking a user into opening a specially crafted PDF file.

The vulnerability is confirmed in versions 8.2.4 and 9.3.4. Other versions may also be affected.

NOTE: The vulnerability is currently being actively exploited.

Solution
Do not open untrusted files.

