Threat Level: green Handler on Duty: Xavier Mertens

SANS ISC: InfoSec Handlers Diary Blog - New Adobe vulnerability InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

New Adobe vulnerability

Published: 2006-11-29
Last Updated: 2006-11-29 18:34:37 UTC
by Toby Kohlenberg (Version: 1)
0 comment(s)
Frank Klein has written to let us know that there are new vulnerabilities in Adobe Acrobat and Acrobat Reader that have the potential for code execution as a result of incorrect argument handling in the ActiveX control for IE. There is no patch currently available and Adobe is offering a mitigation of deleting the control. FrSIRT has provided a kill bit option that you can set that should disable the control.

The vulnerable versions are:
Adobe Standard, Reader & Professional 7.0.0 - 7.0.8

http://www.frsirt.com/english/advisories/2006/4751
http://www.adobe.com/support/security/advisories/apsa06-02.html
Keywords: Acrobat Adobe Reader
0 comment(s)
Diary Archives