Related information

Adobe Acrobat / Reader multiple security vulnerabilities

ZDI-08-004: Adobe AcrobatReader Javascript for PDF Integer Overflow Vulnerability

US-CERT Technical Cyber Security Alert TA08-043A -- Adobe Reader and Acrobat Vulnerabilities

iDefense Security Advisory 02.08.08: Adobe Reader and Acrobat Multiple Stack-based Buffer Overflow Vulnerabilities

iDefense Security Advisory 02.08.08: Adobe Reader Security Provider Unsafe Libary Path Vulnerability

From:	cocoruder <cocoruder_(at)_gmail.com>
Date:	10.02.2008
Subject:	Adobe Reader/Acrobat Remote PDF Print Silently Vulnerability

Adobe Reader/Acrobat Remote PDF Print Silently Vulnerability

by cocoruder(frankruder@hotmail.com)
http://ruder.cdut.net


Summary:

   A design error vulnerability exists in Adobe Reader and Adobe
Acrobat Professional. A remote attacker who successfully exploit this
vulnerability can control the printer without user's permission.



Affected Software Versions:

   Adobe Reader 8.1.1 and earlier versions
   Adobe Acrobat Professional, 3D and Standard 8.1.1 and earlier versions



Details:

   Currently there is no details released because the final patch is
not available, more informations will be updated soon.



Solution:

   Adobe has released an advisory for this vulnerability and a patch
for Adobe Reader which are available on:

   http://www.adobe.com/support/security/advisories/apsa08-01.html

   Fortinet advisory can be found at:

   http://www.fortiguardcenter.com



CVE Information:

   To be updated



Disclosure Timeline:

   2007.11.01        Vendor notified
   2007.11.02        Vendor responded
   2008.02.07        Initial coordinated disclosure



--EOF--