Feeds

Adobe update quells Unix PDF peril

Acrobat stability restored

  • alert
  • submit to reddit

Top 5 reasons to deploy VMware with Tegile

In brief Adobe has issued patches for a common vulnerability in various Unix versions of its Acrobat Reader software to guard against possible hacker attack.

The vulnerability stems from a boundary error in "UnixAppOpenFilePerform()" function when Acrobat Reader is opening a document containing a "/Filespec" tag. This stack buffer overflow security bug creates a means for hackers to construct a maliciously constructed PDF file which, if opened by users, could be used to inject hostile code onto vulnerable systems. This arbitrary code would execute with the privileges of the user running vulnerable versions of Acrobat Reader for Unix (versions 5.0.9 and 5.0.10).

Adobe users on Linux and Solaris Platforms are advised to upgrade to Adobe Reader 7.0. IBM-AIX and HP-UX users need to step up to Adobe Acrobat Reader 5.0.11. Adobe has published an advisory explaining the issue. There's more info in a bulletin from security firm iDEFENSE, which discovered the security bug, here. ®

Related stories

Adobe patches Acrobat, Reader flaws
Cracker spills the beans on PDF flaw
Macromedia to merge with Adobe
Adobe and Macromedia: bad news for online tools

Beginner's guide to SSL certificates

Whitepapers

Why cloud backup?
Combining the latest advancements in disk-based backup with secure, integrated, cloud technologies offer organizations fast and assured recovery of their critical enterprise data.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
New hybrid storage solutions
Tackling data challenges through emerging hybrid storage solutions that enable optimum database performance whilst managing costs and increasingly large data stores.