Adobe Reader and Acrobat Vulnerabilities
http://jvnrss.ise.chuo-u.ac.jp/jtg/trn/en/TRTA08-043A.html
JVNRSS based Status Tracking Notes: Adobe has released Security advisory APSA08-01 to address multiple vulnerabilities affecting Adobe Reader and Acrobat. The most severe of these vulnerabilities could allow a remote attacker to execute arbitrary code.JVNRSS Feasibility Study Teamjvn@jvn.jpTRTA08-043A2008-02-17T08:01+00:002008-02-17T08:01+00:002008-02-17T08:01+00:00Adobe Reader and Acrobat Vulnerabilities
http://www.us-cert.gov/cas/techalerts/TA08-043A.html
Via US-CERT Mailing List
Adobe has released Security advisory APSA08-01 to address multiple vulnerabilities affecting Adobe Reader and Acrobat. The most severe of these vulnerabilities could allow a remote attacker to execute arbitrary code.
US-CERTTA08-043A2008-02-12T09:51-05:002008-02-12T09:51-05:002008-02-12T09:51-05:00Adobe Reader and Adobe Acrobat Remote Code Execution
http://www.iss.net/threats/283.html
Adobe Acrobat Reader 8.1.1 and earlier and Adobe Acrobat 8.1.1 are vulnerable to multiple vulnerabilities that would allow an attacker to execute arbitrary code on a remote system by enticing a user to open a specially-crafted PDF file. One of these vulnerabilities is currently being exploited in the wild.
IBM Internet Security Systemshttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5659http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5663http://xforce.iss.net/xforce/xfdb/40410http://xforce.iss.net/xforce/xfdb/404242008-02-122008-02-122008-02-12Active Exploitation of Adobe Reader Vulnerabilities
http://www.us-cert.gov/current/archive/2008/02/11/archive.html#publically_available_exploit_for_adobe
US-CERT Current Activity
US-CERT has received information that vulnerabilities affecting Adobe Reader are actively being exploited. These vulnerabilities are exploited through a maliciously crafted PDF file containing a variant of the Zonebac Trojan.
US-CERThttp://www.us-cert.gov/cas/techalerts/TA08-043A.html2008-02-11T11:41-04:002008-02-11T11:41-04:002008-02-11T11:41-04:00Adobe Reader exploit in the wild
http://isc.sans.org/diary.html?storyid=3958
The Adobe Reader vulnerability is being exploited in the wild! A malicious PDF file (called 1.pdf in this example) served from IP address "85.17.221.2" (not active at this time) downloads a malware specimen called Trojan, a variant of Zonebac. The IP address belongs to LeaseWeb, a hosting provider in The Netherlands we already notified.
SANS Internet Storm Centerhttp://www.us-cert.gov/cas/techalerts/TA08-043A.html2008-02-092008-02-092008-02-09Multiple vulnerabilities in commonly used client software
http://isc.sans.org/diary.html?storyid=3955
The last couple of days have brought up multiple serious vulnerabilities in very commonly used client software:
SANS Internet Storm Centerhttp://www.us-cert.gov/cas/techalerts/TA08-043A.html2008-02-08T02:28+00:002008-02-08T02:28+00:002008-02-08T02:28+00:00Trojan:W32/Agent.DXH
http://www.f-secure.com/v-descs/trojan_w32_agent_dxh.shtml
F-Securehttp://www.us-cert.gov/cas/techalerts/TA08-043A.html2008-02-082008-02-082008-02-08Adobe Reader Update
http://www.us-cert.gov/current/archive/2008/02/07/archive.html#adobe_reader_update
US-CERT Current Activity
Adobe has released Adobe Reader 8.1.2 to address multiple unspecified vulnerabilities.
US-CERThttp://www.us-cert.gov/cas/techalerts/TA08-043A.html2008-02-07T10:20-04:002008-02-07T10:20-04:002008-02-07T10:20-04:00Security update available for Adobe Reader and Acrobat 8
http://www.adobe.com/support/security/advisories/apsa08-01.html
On Feb. 6, Adobe made an update to Acrobat and Adobe Reader 8 available to update the products to version 8.1.2.
AdobeAPSA08-01http://www.us-cert.gov/cas/techalerts/TA08-043A.htmlhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5663http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5659http://www.kb.cert.org/vuls/id/140129http://www.kb.cert.org/vuls/id/6662812008-02-072008-02-072008-02-07Adobe AcrobatReader Javascript for PDF Integer Overflow Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-08-004.html
Integer Overflow Vulnerability (CVE-2008-0726)
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat and Adobe Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious web address or open a malicious file.
Vulnerability Reported
Zero Day Initiative (ZDI)ZDI-08-004http://www.us-cert.gov/cas/techalerts/TA08-043A.htmlhttp://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-07262007-11-142007-11-142007-11-14Silent Print Vulnerability in Adobe Acrobat/Reader
http://www.fortiguardcenter.com/advisory/FGA-2008-04.html
A specially crafted PDF document may silently request to be printed with arbitrary frequency, causing a denial of service while wasting resources.
Vulnerability Reported
FortinetFGA-2008-04http://www.us-cert.gov/cas/techalerts/TA08-043A.html2007-11-012007-11-012007-11-01Adobe Reader and Acrobat Multiple Stack-based Buffer Overflow Vulnerabilities
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=657
Stack-based Buffer Overflow Vulnerabilities (CVE-2007-5659)
Vulnerability Reported
These issues exist due to insufficient input validation in several JavaScript methods. Inadequate checking is performed on the string length before it is copied into a fixed sized buffer on the stack. If an attacker supplies a long string, control structures on the stack may be modified, allowing the execution of arbitrary code.
iDefensehttp://www.us-cert.gov/cas/techalerts/TA08-043A.htmlhttp://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-56592007-10-102007-10-102007-10-10Adobe Reader and Acrobat JavaScript Insecure Method Exposure Vulnerability
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=656
EScript.api plug-in vulnerability (CVE-2007-5663)
Vulnerability Reported
Adobe Reader and Acrobat implement a version of JavaScript in the EScript.api plug-in which is based on the reference implementation used in Mozilla products. One of the methods exposed allows direct control over low level features of the object, which in turn allows execution of arbitrary code.
iDefensehttp://www.us-cert.gov/cas/techalerts/TA08-043A.htmlhttp://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-56632007-10-032007-10-032007-10-03Adobe Reader Security Provider Unsafe Libary Path Vulnerability
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=655
Untrusted search path vulnerability (CVE-2007-5666)
Vulnerability Reported
This vulnerability is due to Adobe Reader using a path for "Security Provider" libraries that contains the directory the application was started in. Security Provider libraries provide encryption and signature verification routines to applications. If the current directory contains a file with the same name as a Security Provider library, the file will be loaded into the application, potentially allowing code execution.
iDefensehttp://www.us-cert.gov/cas/techalerts/TA08-043A.htmlhttp://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-56662007-09-252007-09-252007-09-25oPg5HFaTBh/sGBRBW9XA7qzWUAw=bsqVDhV4DEYEdB0SecRM7swbvQ0=gy3Tvfdjt0X3YuGOwIBXjFW2jDpUJFQWnbzvVYaIwV9GWIoXwmBrsp0w9FVdq2NomYYL2sPQ8TxXtTtxJtNjZ3fqxMJGQPUx8jnDBRN6Rzl5+kAee4nJ9pM0ZIG4zZtgbupZEQgMaPtAJ/tku8Pni147XQolE4ItYG76KjViMtA=MIIE1DCCA7ygAwIBAgIQfBHY/s5/LRzGChqXgtjCKTANBgkqhkiG9w0BAQUFADCB3TELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2UgYXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNTEeMBwGA1UECxMVUGVyc29uYSBOb3QgVmFsaWRhdGVkMTcwNQYDVQQDEy5WZXJpU2lnbiBDbGFzcyAxIEluZGl2aWR1YWwgU3Vic2NyaWJlciBDQSAtIEcyMB4XDTA3MDcwNTAwMDAwMFoXDTA4MDcwNDIzNTk1OVowggEhMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjEfMB0GA1UECxMWVmVyaVNpZ24gVHJ1c3QgTmV0d29yazFGMEQGA1UECxM9d3d3LnZlcmlzaWduLmNvbS9yZXBvc2l0b3J5L1JQQSBJbmNvcnAuIGJ5IFJlZi4sTElBQi5MVEQoYyk5ODEeMBwGA1UECxMVUGVyc29uYSBOb3QgVmFsaWRhdGVkMTQwMgYDVQQLEytEaWdpdGFsIElEIENsYXNzIDEgLSBNaWNyb3NvZnQgRnVsbCBTZXJ2aWNlMSYwJAYDVQQDFB1KVk5SU1MgRmVhc2liaWxpdHkgU3R1ZHkgVGVhbTEfMB0GCSqGSIb3DQEJARYQanZucnNzQGlwYS5nby5qcDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAsCjiweXb23sjKQajfCS8WiHjax1ppkfkjhN/SwBp/LOOXlpZpzW/lHtKSnWJLPOZzLxIJUWARTZ+T2y2wCzDnKU9TOkNx56u7iBhhATVRyPby22uRY0Pf+1uu8vnSZPvAR50FI9o2COo9xCqfXZWU/RNWSrsrxJd2XL4Y6sYzL0CAwEAAaOBzDCByTAJBgNVHRMEAjAAMEQGA1UdIAQ9MDswOQYLYIZIAYb4RQEHFwMwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYTALBgNVHQ8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwQGCCsGAQUFBwMCMEoGA1UdHwRDMEEwP6A9oDuGOWh0dHA6Ly9JbmRDMURpZ2l0YWxJRC1jcmwudmVyaXNpZ24uY29tL0luZEMxRGlnaXRhbElELmNybDANBgkqhkiG9w0BAQUFAAOCAQEAHbEsHsaKt3O4OUlcec2BOe+MAP4eGW5X494WdegnLEW4tlAxZvctmLeGr0VRXMtF1JumpTLQcdQvUFp15N2+RDa1PrMFrkrCz9BdextE/7mykda0DzsAvbroqHbsu3tZOhnE7T61ZxtBuXOC0jChphl96yDn8NxvebCwcApB46oeKSbAFT21HRIWGiCo1QaMvB390MzFfOFfft1oHivREyIjgXNyAUSTunj/rQhodTnQRVdRuVwa5KSUErWOnNFM2uuXaF/vJqVRX2QR6zr+S+JGbw3ykc/7zkixEBbkSv3wOTh7BmsXRzRvLcaD92ifxOqFxWHQxIqMSxsbJ6WyPQ==