| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <3d7a6e870802071804r62a067afxc67d51c5f7c8aa5a@mail.gmail.com>
Date: Fri, 8 Feb 2008 10:04:47 +0800
From: cocoruder <cocoruder@...il.com>
To: full-disclosure@...ts.grok.org.uk, bugtraq@...urityfocus.com
Subject: Adobe Reader/Acrobat Remote PDF Print Silently
Vulnerability
Adobe Reader/Acrobat Remote PDF Print Silently Vulnerability
by cocoruder(frankruder@...mail.com)
http://ruder.cdut.net
Summary:
A design error vulnerability exists in Adobe Reader and Adobe
Acrobat Professional. A remote attacker who successfully exploit this
vulnerability can control the printer without user's permission.
Affected Software Versions:
Adobe Reader 8.1.1 and earlier versions
Adobe Acrobat Professional, 3D and Standard 8.1.1 and earlier versions
Details:
Currently there is no details released because the final patch is
not available, more informations will be updated soon.
Solution:
Adobe has released an advisory for this vulnerability and a patch
for Adobe Reader which are available on:
http://www.adobe.com/support/security/advisories/apsa08-01.html
Fortinet advisory can be found at:
http://www.fortiguardcenter.com
CVE Information:
To be updated
Disclosure Timeline:
2007.11.01 Vendor notified
2007.11.02 Vendor responded
2008.02.07 Initial coordinated disclosure
--EOF--
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists