[Linux] Demo Exploits for Acrobat in the wild

According to SecurityFocus Adobe Acrobat Reader has been compromised by using a JavaScript buffer overflow.Demo exploits have already been located on the internet. It may only be a matter of time until this exploit gets used by the botnet guys. Pay attention which PDF documents you really need to open on the net.

Description

Acrobat Reader’s getAnnots() Javascript is vulnerable to remote code execution. Arbitrary code can be run with the user’s privileges, thus circumventing Acrobat Reader’s security system.

Affected Versions

Demo Exploits are in the wild for

  • Linux Acrobat Reader 8.14
  • Linux Acrobat Reader 9.1

Other operating system may also be affected.

Workaround

As there is no patch available by Adobe at this moment, uninstalling the Acrobat Reader seems to be the best choice. Third party PDF readers are available all over the net. Find one of them here.

Leave a Reply

Your email address will not be published. Required fields are marked *