A second vulnerability, identified as CVE-2009-1493, which affects Adobe Reader for UNIX is also addressed.
It is strongly recommended that the appropriate update be installed as soon as possible!
Adobe Reader Updates:
Windows: http://www.adobe.com/support/downloads/product.jsp?product=10&platform=Windows.
Macintosh: http://www.adobe.com/support/downloads/product.jsp?product=10&platform=Macintosh.
UNIX: http://www.adobe.com/support/downloads/product.jsp?product=10&platform=Unix.
Acrobat Updates:
Windows:
- Acrobat Standard, Pro and Pro Extended: http://www.adobe.com/support/downloads/product.jsp?product=1&platform=Window
- Acrobat 3D: http://www.adobe.com/support/downloads/product.jsp?product=112&platform=Windows
Macintosh:
CVE-2009-1492:
The getAnnots Doc method in the JavaScript API in Adobe Reader and Acrobat 9.1, 8.1.4, 7.1.1, and earlier allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a PDF file that contains an annotation, and has an OpenAction entry with JavaScript code that calls this method with crafted integer arguments.CVE-2009-1493:
The customDictionaryOpen spell method in the JavaScript API in Adobe Reader 8.1.4 and 9.1 on Linux allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a PDF file that triggers a call to this method with a long string in the second argument.Reference: APSB09-06 Security Updates available for Adobe Reader and Acrobat
Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...
No comments:
Post a Comment
Neither spam nor comments containing vulgarities will be approved.