Adobe Reader/Acrobat Remote PDF Print Silently Vulnerability

Adobe Reader/Acrobat Remote PDF Print Silently Vulnerability

by cocoruder([email protected])
http://ruder.cdut.net

Summary:

A design error vulnerability exists in Adobe Reader and Adobe

Acrobat Professional. A remote attacker who successfully exploit this
vulnerability can control the printer without user's permission.

Affected Software Versions:

Adobe Reader 8.1.1 and earlier versions
Adobe Acrobat Professional, 3D and Standard 8.1.1 and earlier versions

Details:

Currently there is no details released because the final patch is

not available, more informations will be updated soon.

Solution:

Adobe has released an advisory for this vulnerability and a patch

for Adobe Reader which are available on:

http://www.adobe.com/support/security/advisories/apsa08-01.html

Fortinet advisory can be found at:

http://www.fortiguardcenter.com

CVE Information:

To be updated

Disclosure Timeline:

2007.11.01        Vendor notified
2007.11.02        Vendor responded
2008.02.07        Initial coordinated disclosure

–EOF–