102730 – app-text/acroread: Plug-in Buffer Overflow Vulnerability

Bug 102730 - app-text/acroread: Plug-in Buffer Overflow Vulnerability

Summary: app-text/acroread: Plug-in Buffer Overflow Vulnerability

Status:	RESOLVED FIXED

Alias:	None

Product:	Gentoo Security
Classification:	Unclassified
Component:	Vulnerabilities (show other bugs)
Hardware:	All Linux

Importance:	High major (vote)
Assignee:	Gentoo Security

URL:	http://secunia.com/advisories/16466/
Whiteboard:	A2 [glsa] formula7
Keywords:

Depends on:
Blocks:

Reported:	2005-08-16 10:31 UTC by Jean-François Brunette (RETIRED)
Modified:	2005-08-19 03:44 UTC (History)
CC List:	1 user (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Jean-François Brunette (RETIRED) gentoo-dev

2005-08-16 10:31:57 UTC

Description:
A vulnerability has been reported in Adobe Reader and Adobe Acrobat, which
potentially can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to an unspecified boundary error in the core
application plug-in and can be exploited to cause a buffer overflow when a
specially crafted file is opened.

Successful exploitation may allow execution of arbitrary code.

Solution:
Install updated version.

Adobe Reader (Linux or Solaris):
Update to version 7.0.1.

Comment 1 Jean-François Brunette (RETIRED) gentoo-dev

2005-08-16 10:34:50 UTC

Please bump to 7.0.1

Comment 2 Luis Medinas (RETIRED) gentoo-dev

2005-08-16 15:16:29 UTC

Version Bumped to 7.0.1.1.
Stable on x86 and amd64.
Fixed

Comment 3 Jean-François Brunette (RETIRED) gentoo-dev

2005-08-16 16:08:47 UTC

Thank you metalgod.

Comment 4 Jean-François Brunette (RETIRED) gentoo-dev

2005-08-16 16:10:33 UTC

Reopening for the glsa status.

Comment 5 Thierry Carrez (RETIRED) gentoo-dev

2005-08-19 03:44:38 UTC

GLSA 200508-11