Skip to main content

Adobe Reader and Acrobat Unspecified Code Execution Vulnerability

Last Update Date: 28 Jan 2011 Release Date: 15 Dec 2009 5392 Views

RISK: Medium Risk

A vulnerability has been identified in Adobe Reader and Acrobat, which could be exploited by remote attackers to compromise a vulnerable system. This issue is caused by an unspecified memory corruption error, which could be exploited by attackers to execute arbitrary code by tricking a user into opening a specially crafted PDF file.

Note: This vulnerability is currently being exploited in the wild.


Impact

  • Remote Code Execution

System / Technologies affected

  • Adobe Reader version 9.2 and prior
  • Adobe Acrobat version 9.2 and prior

Solutions

Note: There is no patch available for this vulnerability currently.

Do not open untrusted PDF files.

Do not visit untrusted websites or follow untrusted links.

Workaround:

  • Disable JavaScript support.

    Edit -> Preferences -> JavaScript and uncheck Enable Acrobat JavaScript


  • Vulnerability Identifier


    Source


    Related Link