News

Security firm issues Buffer Overflow alert for Reader 5.1

March 04, 2004

Advertisement
Advertisement
 

NGSSoftware researchers have posted a public advisory to alert users of the free Acrobat Reader 5.1 about a vulnerability in the XML forms data format (.XFDF). The British security consultants warned that a malicious attacker could "cause a buffer overflow by tricking a user into viewing a specially crafted XFDF document." According to the report, Adobe Systems has confirmed that the current version -- Adobe Reader 6.01 -- "is no longer vulnerable," and users are strongly advised to upgrade.

From the advisory:

Adobe Acrobat Reader is a viewer that renders PDF documents. The Reader can be extended using the XML Forms Data Format or XFDF. XFDF is a format for representing forms data and annotations in a PDF document. XFDF files have a .xfdf extention and are rendered automatically on downloaded when using applications such as Internet Explorer. Also note that, regardless of the file extention if the MIME type is set to "application/vnd.adobe.xfdf" the file will be treated as a XFDF. When parsing an XFDF document the Adobe Reader suffers from a classic stack based buffer overflow vulnerability.

Planet PDF is also an official mirror site for downloading the free Adobe Reader.

PDF In-Depth Free Product Trials Ubiquitous PDF

Debenu Quick PDF Library

Get products to market faster with this amazing PDF developer SDK. Over 900 functions and an equally...

Download free demo

Back to the past, 15 years ago! Open Publish 2002

Looking back to 2002, it's amazing how much of the prediction became a reality. Take a read and see what you think!

September 14, 2017
Platinum Sponsor





Search Planet PDF
more searching options...
Planet PDF Newsletter
Most Popular Articles
Featured Product

Debenu PDF Aerialist

The ultimate plug-in for Adobe Acrobat. Advanced splitting, merging, stamping, bookmarking, and link control. Take Acrobat to the next level.

Features

Adding a PDF Stamp Comment

OK, so you want to stamp your document. Maybe you need to give reviewers some advice about the document's status or sensitivity. This tip from author Ted Padova demonstrates how to add stamps with the Stamp Tool along with related comments.