94721 – app-text/acroread: remote exploitable overflow (v-s)

Bug 94721 - app-text/acroread: remote exploitable overflow (v-s)

Summary: app-text/acroread: remote exploitable overflow (v-s)

Status:	RESOLVED UPSTREAM

Alias:	None

Product:	Gentoo Security
Classification:	Unclassified
Component:	Vulnerabilities (show other bugs)
Hardware:	All Other

Importance:	High major (vote)
Assignee:	Gentoo Security

URL:
Whiteboard:	A2 [upstream]
Keywords:

Depends on:
Blocks:

Reported:	2005-06-01 04:38 UTC by Thierry Carrez (RETIRED)
Modified:	2007-08-16 18:35 UTC (History)
CC List:	0 users

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Thierry Carrez (RETIRED) gentoo-dev

2005-06-01 04:38:39 UTC

Sebastian Krahmer (SuSE) found two issues in Acrobat Reader, both allowing remote code execution upon viewing a PDF file.

One is for Acrobat 7 and requires you have the system-mailer as your default mailer.
The other is for Acrobat 5 and requires that the webbrowser is 'mozilla-like' and no instance is running already when the PDF is viewed.

Adobe is working on a fix.

Comment 1 Thierry Carrez (RETIRED) gentoo-dev

2005-09-13 04:34:35 UTC

Doesn't look like high prio on Adobe stack. Or maybe it was related to the
recently released problem.

I think we should keep this one closed until (if) it surfaces again. Feel free
to reopen if you disagree.