
Stefano Di Paola and Giorgio Fedon uncovered a serious cross-site scripting vulnerability affecting unpatched versions of the Adobe Reader plug-in, which is used to view PDF files from within web browsers. The vulnerability could allow an attacker to run malicious JavaScript code on compromised systems. Security researchers advise updating Adobe Reader to at least V7.0.9 or V8.0.
Alternatively, you can disable the Adobe Reader browser plug-in (in Firefox, within the Settings / Content / Filetypes menu) or use Foxit Reader instead.
Original paper discussing the vulnerability: link (PDF!)
Technical explanation of the vulnerability: link
[via CNet]