Vulnerability in Adobe Reader, Acrobat Reader

August 16, 2004


Security firm iDefense warns that a flaw in Adobe Systems' Reader 6.x and Acrobat Reader 5.x could be exploited via a malicious Web site to execute arbitrary code. According to iDefense's advisory, the vulnerability is caused by a boundary error in the "pdf.ocx" ActiveX component supplied with Adobe Acrobat Reader.

"This can be exploited via a malicious Web site using a specially crafted URL to potentially execute arbitrary code," iDefense said. Other versions may also be affected. As a workaround, iDefense recommends users change Adobe Acrobat/Acrobat Reader settings to prevent PDFs from automatically opening when accessed by a Web browser.

"When prompted, first save the file to disk before opening, thereby closing the exploitation vector described," the advisory said.

PDF In-Depth Free Product Trials Ubiquitous PDF

Debenu Quick PDF Library

Get products to market faster with this amazing PDF developer SDK. Over 900 functions and an equally...

Download free demo

Five visions of a PDF Day

In the world of PDFs or as we like to say Planet (of) PDF, a year isn't a real PDF year without an intense few days of industry knowledge sharing.

May 15, 2018
Platinum Sponsor

Search Planet PDF
more searching options...
Planet PDF Newsletter
Most Popular Articles
Featured Product

Debenu PDF Aerialist

The ultimate plug-in for Adobe Acrobat. Advanced splitting, merging, stamping, bookmarking, and link control. Take Acrobat to the next level.


Adding a PDF Stamp Comment

OK, so you want to stamp your document. Maybe you need to give reviewers some advice about the document's status or sensitivity. This tip from author Ted Padova demonstrates how to add stamps with the Stamp Tool along with related comments.