Original URL: http://www.theregister.co.uk/2004/12/17/adobe_patches_bugs/

Adobe patches Acrobat, Reader flaws

Read all about it

By John Leyden

Posted in Applications, 17th December 2004 11:57 GMT

Adobe has released updates for Acrobat and Reader to fix security bugs that might allow attackers to gain access to unpatched systems. A trio of vulnerabilities pose a risk to users of version 6.0.0 to 6.0.2 of Abode’s products.

First up, there's a vulnerability in the handling of Flash files embedded in PDF documents that can be exploited to read files on user's systems. Adobe has also acknowledged multiple flaws in a software library called 'libpng'. Lastly a format string error in an eBook plug-in creates a risk when parsing ".etd" files that could be exploited to execute arbitrary code.

Security firm Secunia describes the flaws as "highly critical". Adobe said that an exploit for the flaws is yet to be released. But that's no reason for complacency. Users are advised to upgrade to the 6.0.3 version of Reader or Acrobat to defend against the flaws. ®

Related stories

Cracker spills the beans on PDF flaw
Adobe anti-counterfeiting code trips up kosher users
Adobe beta tests Acrobat Reader 7.0