Bugtraq mailing list archives
Re: [SPSadvisory#39]Adobe Acrobat Series PDF File Buffer Overflow
From: Dan Harkless <dan-bugtraq () DILVISH SPEED NET>
Date: Fri, 4 Aug 2000 14:17:58 -0700
UNYUN <shadowpenguin () BACKSECTION NET> writes:
SPS Advisory #39 Adobe Acrobat Series PDF File Buffer Overflow UNYUN <shadowpenguin () backsection net> Shadow Penguin Security (http://shadowpenguin.backsection.net) ------------------------------------------------------------- [Date] July 26, 2000 [vulnerable] Acrobat Reader 3.0J for Windows95/98/NT/2000 Acrobat Reader 4.0J for Windows95/98/NT/2000 Acrobat Reader 4.05J for Windows95/98/NT/2000 Acrobat 3.0J for Windows95/98/NT/2000 Acrobat 4.0J for Windows95/98/NT/2000 Acrobat 4.05J for Windows95/98/NT/2000 Adobe Acrobat Business Tools for Windows95/98/NT/2000 Adobe Acrobat FillIn for Windows95/98/NT/2000 [not vulnerable] Adobe Acrobat/reader/FillIn/BuinessTools 4.05c
[...] I take it you didn't test non-Japanese versions other than 4.05c? The page on the Adobe site you mention: http://www.adobe.com/misc/pdfsecurity.html says that the "Affected products" are just the 4.05 versions (and "Fill In"), but they also say that if you have earlier versions you should upgrade to 4.05 before applying "Update 2". It's therefore ambiguous whether, for instance, U.S. Acrobat Reader 4.0 is affected. Oh well, I guess I'll assume it is and download 4.05c at: http://www.adobe.com/products/acrobat/readmemain.html ---------------------------------------------------------------------- Dan Harkless | To prevent SPAM contamination, please dan-bugtraq () dilvish speed net | do not mention this private email SpeedGate Communications, Inc. | address in Usenet posts. Thank you.
Current thread:
- Re: [SPSadvisory#39]Adobe Acrobat Series PDF File Buffer Overflow Dan Harkless (Aug 06)
- <Possible follow-ups>
- Re: [SPSadvisory#39]Adobe Acrobat Series PDF File Buffer Overflow Dan Harkless (Aug 07)