This week in PDF: Adobe warns of "critical" bugs in Acrobat and Reader

December 06, 2006


The big news this week in PDF is being made by several security vulnerabilities affecting Acrobat and Adobe Reader that could be used to hijack a user's system. Planet PDF talks about the nature of the vulnerabilities and their current status.

First discovered in late-September by French Security Incident Response Team (FrSIRT), the bugs affect Adobe Reader, Acrobats Standard and Professional versions 7.0.0 through 7.0.8. According to FrSIRT's security advisory, attackers could exploit them to completely take over an affected system. Specifically, the flaws are caused by memory corruption errors in the AcroPDF ActiveX control (AcroPDF.dll), which does not properly handle malformed arguments passed to the "setPageMode()", "setLayoutMode()", "setNamedDest()", and "LoadFile()" methods. This allows remote attackers to execute arbitrary commands by tricking users into visiting specially-crafted Web pages using Internet Explorer.

Both Adobe and FrSIRT have listed the error as "critical", while Secunia's advisory is more optimistic, presumably because Adobe has already provided a workaround fix. According to Adobe's own advisory:

The upcoming version of Adobe Reader, which will not be vulnerable to this issue, is also expected to be available in the near future. Acrobat 8 is not affected by this issue. The vulnerability is in an ActiveX control used by Internet Explorer; users of other browsers are not affected. The following workaround will prevent these vulnerabilities from occurring in Adobe Reader 7.0.X on Windows using Internet Explorer:

  1. Exit Internet Explorer and Adobe Reader.
  2. Browse to <volume>:\Program Files\Adobe\Acrobat 7.0\ActiveX.
    Note: If you did not install Acrobat to the default location, browse to the location of your Acrobat 7.0 folder.
  3. Select AcroPDF.dll and delete it.

NOTE: This workaround will prevent PDF documents from opening within an Internet Explorer window. After applying this workaround, clicking on PDF files within Internet Explorer will either open in a separate instance of Adobe Reader or the user will be prompted to download the file, which can then be opened in Adobe Reader. This workaround may disrupt some enterprise workflows and use of PDF forms.

To plug the hole without deleting the entire .dll file, FrSIRT claims that it is sufficient to merely set a "kill bit" for the CLSID {CA8A9780-280D-11CF-A24D-444553540000}. In any case, a bulletin will be posted when Adobe's formal "bugfix" patch becomes available.

PDF In-Depth Free Product Trials Ubiquitous PDF

Debenu Quick PDF Library

Get products to market faster with this amazing PDF developer SDK. Over 900 functions and an equally...

Download free demo

Five visions of a PDF Day

In the world of PDFs or as we like to say Planet (of) PDF, a year isn't a real PDF year without an intense few days of industry knowledge sharing.

May 15, 2018
Platinum Sponsor

Search Planet PDF
more searching options...
Planet PDF Newsletter
Most Popular Articles
Featured Product

Debenu PDF Aerialist

The ultimate plug-in for Adobe Acrobat. Advanced splitting, merging, stamping, bookmarking, and link control. Take Acrobat to the next level.


Adding a PDF Stamp Comment

OK, so you want to stamp your document. Maybe you need to give reviewers some advice about the document's status or sensitivity. This tip from author Ted Padova demonstrates how to add stamps with the Stamp Tool along with related comments.