On CBSNews.com: Washington Unplugged: G8 Summit
BNET Business Network:
BNET
TechRepublic
ZDNet
13 TalkBacks

By Joris Evers
Posted on ZDNet News: Aug 17, 2005 10:48:00 PM

A security flaw in Adobe Systems' popular Acrobat and Reader applications could be used to shut down or hijack vulnerable PCs.

By crafting a malicious PDF file, a remote attacker could cause the applications to crash or possibly commandeer the target computer, Adobe said in a security advisory published on Tuesday. The San Jose, Calif.-based software maker has updates available to fix the problem.

The security issue affects Adobe Reader for Windows, Mac OS, Linux and Solaris and Adobe Acrobat for Windows and Mac OS, Adobe said. Security monitoring company Secunia rates the issue "highly critical," according to an advisory posted Tuesday.

The vulnerability is a so-called buffer overflow within a core application plug-in that is part of Adobe Acrobat and Adobe Reader, the company said. Adobe itself discovered the error, according to the advisory.

Buffer overflows are a commonly exploited security problem. They occur when a program allows data to be written beyond the allocated end of a buffer in memory. A computer can be made to execute potentially malicious code by feeding in extra data that is designed to flood over the buffer.

SponsoredWhite Papers, Webcasts, and Downloads

  • Talkback
  • Most Recent of 13 Talkback(s)
Re: Buffer Overflow
Even BASIC is subject to buffer overflows.

But in C you can include a function that traps the overflow but it slows down the program and increases it's size.

Overflow occurs when too muc... (Read the rest)
Posted by: just-me_z Posted on: 08/18/05 You are currently: a Guest | | Terms of Use
Let's see  NonZealot | 08/17/05
RE: Let's see  Linux User 147560 | 08/17/05
Not so sure  voska | 08/18/05
Monoculture  Yagotta B. Kidding | 08/18/05
I guess that makes sense  voska | 08/18/05
Adobe warns of Reader, Acrobat bug  Loverock Davidson | 08/17/05
RE: Adobe warns of Reader, Acrobat bug  Linux User 147560 | 08/18/05
So they think no one is using v5.0 Reader anymore  toomuchgreeatea@... | 08/17/05
Patched versions are 7.03, 6.0.4  Michel Merlin | 08/18/05
Adobe Flaw  shadowtee@... | 08/18/05
Buffer Overflow  misceng | 08/18/05
Re: Buffer Overflow  just-me_z | 08/18/05
But what about the buffer overflow flaw in  Boot_Agnostic | 08/18/05

What do you think?

advertisement
advertisement

White Papers, Webcasts, and Downloads

Smartphones

  • Last year, many businesses deferred the purchase of new laptops in favor of smartphones, and why not? Offering phone, calendar, email, IM and Web access, they're arguably the most practical business tools. Check out the latest CNET Reviews of Blackberry devices for all the knowledge you need to make an intelligent choice.
  • Designed for
    bold living.
  • blackberry bold
  • Edit Word docs, check email, even listen to iTunes® playlists. Do more and do it faster with the BlackBerry® Bold™.Learn more
  • blackberry logo
advertisement
Click Here