I know this is not brand new, but again all points to Microsoft fault, I mean it’s not only Adobe’s fault, at least this last one published a workaround to avoid the problem, you can find it here.
Surprisingly this bug doesn’t affect to Vista machines which is a point for Microsoft and for Vista too but considering all the vulnerabilities that remains in Vista from XP it will not be a great difference in the total score.
The description you can find in FrSIRT is:
”A vulnerability has been identified in Adobe Acrobat and Reader, which could be exploited by attackers to take complete control of an affected system with Internet Explorer 7 installed. This issue is caused by an input validation error when processing a specially crafted “mailto:” link, which could be exploited by remote attackers to inject and execute arbitrary commands by tricking a user into opening a specially crafted PDF document.”
Another PDF bug with “remote code execution” included, I think Adobe is not doing really right. (Even if no all the fault is theirs).
No Comments Yet
No comments yet.
Comments RSS TrackBack Identifier URI
Leave a comment
