Secunia Advisory: SA30832
Release Date: 2008-06-24
Critical: Highly critical
Impact: DoS
System access
Where: From remote
Solution Status: Vendor Patch
Software:
Adobe Acrobat 3D
Adobe Acrobat 7 Professional
Adobe Acrobat 7.x
Adobe Acrobat 8 Professional
Adobe Acrobat 8.x
Adobe Reader 7.x
Adobe Reader 8.x
Description:
A vulnerability has been reported in Adobe Reader/Acrobat, which potentially can be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to an error in the implementation of an unspecified JavaScript method and can be exploited to cause a crash or potentially execute arbitrary code via a specially crafted PDF file.
NOTE: The vulnerability is reportedly being exploited in the wild.
The vulnerability is reported in the following products and versions:
* Adobe Reader versions 8.0 through 8.1.2
* Adobe Reader versions 7.0.9 and earlier
* Adobe Acrobat Professional, 3D and Standard versions 8.0 through 8.1.2
* Adobe Acrobat Professional, 3D and Standard versions 7.0.9 and earlier
Do you have this product installed on your home computer? Scan using the free Personal Software Inspector. Check if a vulnerable version is installed on computers in your corporate network, using the Network Software Inspector.
Solution:
Adobe Reader 8 for Windows:
Update to Adobe Reader 8.1.2 Security Update 1.
http://www.adobe.com/support/downloads/detail.jsp?ftpID=3967
Adobe Reader 8 for Macintosh:
Update to Adobe Reader 8.1.2 Security Update 1.
http://www.adobe.com/support/downloads/detail.jsp?ftpID=3966
Acrobat 8 for Windows:
Update to Acrobat 8.1.2 Security Update 1.
http://www.adobe.com/support/downloads/detail.jsp?ftpID=3976
Acrobat 8 for Macintosh:
Update to Acrobat 8.1.2 Security Update 1.
http://www.adobe.com/support/downloads/detail.jsp?ftpID=3977
Acrobat 3D Version 8 for Windows:
Update to Acrobat 3D Version 8.1.2 Security Update 1.
http://www.adobe.com/support/downloads/detail.jsp?ftpID=3975
Adobe Reader 7.0 through 7.0.9:
Upgrade to Adobe Reader 7.1.0.
http://www.adobe.com/go/getreader
Acrobat 7 for Windows:
Update to Acrobat 7.1.0.
http://www.adobe.com/support/download...ct.jsp?product=1&platform=Windows
Acrobat 7 for Macintosh:
Update to Acrobat 7.1.0.
http://www.adobe.com/support/download....jsp?product=1&platform=Macintosh
Bollettino Sicurezza
Aggiornate tramite l'update automatico di Adobe
Release Date: 2008-06-24
Critical: Highly critical
Impact: DoS
System access
Where: From remote
Solution Status: Vendor Patch
Software:
Adobe Acrobat 3D
Adobe Acrobat 7 Professional
Adobe Acrobat 7.x
Adobe Acrobat 8 Professional
Adobe Acrobat 8.x
Adobe Reader 7.x
Adobe Reader 8.x
Description:
A vulnerability has been reported in Adobe Reader/Acrobat, which potentially can be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to an error in the implementation of an unspecified JavaScript method and can be exploited to cause a crash or potentially execute arbitrary code via a specially crafted PDF file.
NOTE: The vulnerability is reportedly being exploited in the wild.
The vulnerability is reported in the following products and versions:
* Adobe Reader versions 8.0 through 8.1.2
* Adobe Reader versions 7.0.9 and earlier
* Adobe Acrobat Professional, 3D and Standard versions 8.0 through 8.1.2
* Adobe Acrobat Professional, 3D and Standard versions 7.0.9 and earlier
Do you have this product installed on your home computer? Scan using the free Personal Software Inspector. Check if a vulnerable version is installed on computers in your corporate network, using the Network Software Inspector.
Solution:
Adobe Reader 8 for Windows:
Update to Adobe Reader 8.1.2 Security Update 1.
http://www.adobe.com/support/downloads/detail.jsp?ftpID=3967
Adobe Reader 8 for Macintosh:
Update to Adobe Reader 8.1.2 Security Update 1.
http://www.adobe.com/support/downloads/detail.jsp?ftpID=3966
Acrobat 8 for Windows:
Update to Acrobat 8.1.2 Security Update 1.
http://www.adobe.com/support/downloads/detail.jsp?ftpID=3976
Acrobat 8 for Macintosh:
Update to Acrobat 8.1.2 Security Update 1.
http://www.adobe.com/support/downloads/detail.jsp?ftpID=3977
Acrobat 3D Version 8 for Windows:
Update to Acrobat 3D Version 8.1.2 Security Update 1.
http://www.adobe.com/support/downloads/detail.jsp?ftpID=3975
Adobe Reader 7.0 through 7.0.9:
Upgrade to Adobe Reader 7.1.0.
http://www.adobe.com/go/getreader
Acrobat 7 for Windows:
Update to Acrobat 7.1.0.
http://www.adobe.com/support/download...ct.jsp?product=1&platform=Windows
Acrobat 7 for Macintosh:
Update to Acrobat 7.1.0.
http://www.adobe.com/support/download....jsp?product=1&platform=Macintosh
Bollettino Sicurezza
Aggiornate tramite l'update automatico di Adobe
nun se ne puo' piu' 
