Threat Level: green Handler on Duty: Jan Kopriva

SANS ISC: New Adobe vulnerability - SANS Internet Storm Center SANS ISC InfoSec Forums

Watch ISC TV. Great for NOCs, SOCs and Living Rooms:

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
New Adobe vulnerability
Frank Klein has written to let us know that there are new vulnerabilities in Adobe Acrobat and Acrobat Reader that have the potential for code execution as a result of incorrect argument handling in the ActiveX control for IE. There is no patch currently available and Adobe is offering a mitigation of deleting the control. FrSIRT has provided a kill bit option that you can set that should disable the control.

The vulnerable versions are:
Adobe Standard, Reader & Professional 7.0.0 - 7.0.8

68 Posts
Nov 29th 2006

Sign Up for Free or Log In to start participating in the conversation!