Original URL: http://www.theregister.co.uk/2005/08/17/adobe_pdf_glich/

Adobe warns over PDF peril

Cross platform vuln menaces mankind

By John Leyden

Posted in Security, 17th August 2005 14:41 GMT

In brief Adobe has issued updates to guard against a buffer overflow vulnerability in various versions of its popular Acrobat and Reader software packages. The security bug, which stems from an unspecified boundary error in the core application plug-in, might be used to inject hostile code into vulnerable systems by tricking potential victims into opening a maliciously constructed PDF file.

"If the vulnerability were successfully exploited, the application could crash with an increased risk of arbitrary code execution," Adobe warns. Security clearing house Secunia describes the software flaw as critical. Adobe Reader users on Windows or Mac OS are advised to upgrade to version 7.0.3 or 6.0.4. Acrobat users on Windows or Mac OS are urged to adopt version 7.0.3, 6.0.4 or 5.0.10. Linux or Solaris users of Adobe Reader should step up to version 7.0.1. Adobe's advisory can be found here. ®