[OT][Seguridad] Security Advisory: Acrobat and Adobe Reader plug-in buffer overflow

17/08/2005 - 03:34 por Enrique [MVP Windows] | Informe spam
Adobe has discovered a buffer overflow that if successfully exploited
could crash the application with an increased risk of arbitrary code
execution. The vulnerability is in a core Adobe Acrobat and Adobe
Reader application plug-in. If the malicious file is loaded, it could
exploit the buffer overflow. An update is available to mitigate
potential malicious activity. This vulnerability (identifier
CVE-2005-2470) affects the following platforms: Windows, Mac OS, Linux
and Solaris and the following releases: Adobe Reader 5.1, 6.0-6.0.3,
7.0-7.0.2 and Adobe Acrobat 5.0-5.0.5, 6.0-6.0.3, 7.0-7.0.2.

Adobe always recommends that users keep their systems up to date, and
install the latest update of these applications. More information is
available for each product from Adobe at
http://www.adobe.com/support/techdocs/321644.html.



Saludos,
Enrique Cortés
Microsoft MVP - Windows - IE/OE
ekort@Zmvps.org (quita la Z)

"Quien se empeña en pegarle una pedrada a la luna no lo conseguirá,
pero terminará sabiendo manejar la honda".



Este mensaje se proporciona "como está" sin garantías de ninguna clase,
y no otorga ningún derecho.
This posting is provided "AS IS" with no warranties, and confers no
rights.
________________________________________________________________________________

Preguntas similare

Leer las respuestas

#1 Luis J.
17/08/2005 - 08:31 | Informe spam
gracias, Enrique. Actualizado.

Luis J.

"Enrique [MVP Windows]" escribió en el mensaje
news:
| Adobe has discovered a buffer overflow that if successfully exploited
| could crash the application with an increased risk of arbitrary code
| execution. The vulnerability is in a core Adobe Acrobat and Adobe
| Reader application plug-in. If the malicious file is loaded, it could
| exploit the buffer overflow. An update is available to mitigate
| potential malicious activity. This vulnerability (identifier
| CVE-2005-2470) affects the following platforms: Windows, Mac OS, Linux
| and Solaris and the following releases: Adobe Reader 5.1, 6.0-6.0.3,
| 7.0-7.0.2 and Adobe Acrobat 5.0-5.0.5, 6.0-6.0.3, 7.0-7.0.2.
|
| Adobe always recommends that users keep their systems up to date, and
| install the latest update of these applications. More information is
| available for each product from Adobe at
| http://www.adobe.com/support/techdocs/321644.html.
|
|
|
| --
| Saludos,
| Enrique Cortés
| Microsoft MVP - Windows - IE/OE
| (quita la Z)
|
| "Quien se empeña en pegarle una pedrada a la luna no lo conseguirá,
| pero terminará sabiendo manejar la honda".
|
|
|
| Este mensaje se proporciona "como está" sin garantías de ninguna
clase,
| y no otorga ningún derecho.
| This posting is provided "AS IS" with no warranties, and confers no
| rights.
|
________________________________________________________________________________
|
Respuesta Responder a este mensaje
#2 Luis J.
17/08/2005 - 08:31 | Informe spam
gracias, Enrique. Actualizado.

Luis J.

"Enrique [MVP Windows]" escribió en el mensaje
news:
| Adobe has discovered a buffer overflow that if successfully exploited
| could crash the application with an increased risk of arbitrary code
| execution. The vulnerability is in a core Adobe Acrobat and Adobe
| Reader application plug-in. If the malicious file is loaded, it could
| exploit the buffer overflow. An update is available to mitigate
| potential malicious activity. This vulnerability (identifier
| CVE-2005-2470) affects the following platforms: Windows, Mac OS, Linux
| and Solaris and the following releases: Adobe Reader 5.1, 6.0-6.0.3,
| 7.0-7.0.2 and Adobe Acrobat 5.0-5.0.5, 6.0-6.0.3, 7.0-7.0.2.
|
| Adobe always recommends that users keep their systems up to date, and
| install the latest update of these applications. More information is
| available for each product from Adobe at
| http://www.adobe.com/support/techdocs/321644.html.
|
|
|
| --
| Saludos,
| Enrique Cortés
| Microsoft MVP - Windows - IE/OE
| (quita la Z)
|
| "Quien se empeña en pegarle una pedrada a la luna no lo conseguirá,
| pero terminará sabiendo manejar la honda".
|
|
|
| Este mensaje se proporciona "como está" sin garantías de ninguna
clase,
| y no otorga ningún derecho.
| This posting is provided "AS IS" with no warranties, and confers no
| rights.
|
________________________________________________________________________________
|
Respuesta Responder a este mensaje
#3 Luis J.
17/08/2005 - 08:31 | Informe spam
gracias, Enrique. Actualizado.

Luis J.

"Enrique [MVP Windows]" escribió en el mensaje
news:
| Adobe has discovered a buffer overflow that if successfully exploited
| could crash the application with an increased risk of arbitrary code
| execution. The vulnerability is in a core Adobe Acrobat and Adobe
| Reader application plug-in. If the malicious file is loaded, it could
| exploit the buffer overflow. An update is available to mitigate
| potential malicious activity. This vulnerability (identifier
| CVE-2005-2470) affects the following platforms: Windows, Mac OS, Linux
| and Solaris and the following releases: Adobe Reader 5.1, 6.0-6.0.3,
| 7.0-7.0.2 and Adobe Acrobat 5.0-5.0.5, 6.0-6.0.3, 7.0-7.0.2.
|
| Adobe always recommends that users keep their systems up to date, and
| install the latest update of these applications. More information is
| available for each product from Adobe at
| http://www.adobe.com/support/techdocs/321644.html.
|
|
|
| --
| Saludos,
| Enrique Cortés
| Microsoft MVP - Windows - IE/OE
| (quita la Z)
|
| "Quien se empeña en pegarle una pedrada a la luna no lo conseguirá,
| pero terminará sabiendo manejar la honda".
|
|
|
| Este mensaje se proporciona "como está" sin garantías de ninguna
clase,
| y no otorga ningún derecho.
| This posting is provided "AS IS" with no warranties, and confers no
| rights.
|
________________________________________________________________________________
|
Respuesta Responder a este mensaje
#4 Luis J.
17/08/2005 - 08:31 | Informe spam
gracias, Enrique. Actualizado.

Luis J.

"Enrique [MVP Windows]" escribió en el mensaje
news:
| Adobe has discovered a buffer overflow that if successfully exploited
| could crash the application with an increased risk of arbitrary code
| execution. The vulnerability is in a core Adobe Acrobat and Adobe
| Reader application plug-in. If the malicious file is loaded, it could
| exploit the buffer overflow. An update is available to mitigate
| potential malicious activity. This vulnerability (identifier
| CVE-2005-2470) affects the following platforms: Windows, Mac OS, Linux
| and Solaris and the following releases: Adobe Reader 5.1, 6.0-6.0.3,
| 7.0-7.0.2 and Adobe Acrobat 5.0-5.0.5, 6.0-6.0.3, 7.0-7.0.2.
|
| Adobe always recommends that users keep their systems up to date, and
| install the latest update of these applications. More information is
| available for each product from Adobe at
| http://www.adobe.com/support/techdocs/321644.html.
|
|
|
| --
| Saludos,
| Enrique Cortés
| Microsoft MVP - Windows - IE/OE
| (quita la Z)
|
| "Quien se empeña en pegarle una pedrada a la luna no lo conseguirá,
| pero terminará sabiendo manejar la honda".
|
|
|
| Este mensaje se proporciona "como está" sin garantías de ninguna
clase,
| y no otorga ningún derecho.
| This posting is provided "AS IS" with no warranties, and confers no
| rights.
|
________________________________________________________________________________
|
Respuesta Responder a este mensaje
#5 Aldo Comparini \(gt\)
10/09/2005 - 00:48 | Informe spam
Queda aclarar que para instalar las actualizaciones hay que tener instalados
los parches 6.03 para la version 6 y 7.02 para la version 7 (para XP y Win
2000 solamente)

______________________________
Saludos =)
Aldo Comparini G.
Ecologista,Arquitecto,


"Vive Plenamente o Muere Intentandolo"
Guatemala C.A
______________________
"Luis J." escribió en el mensaje
news:
gracias, Enrique. Actualizado.

Luis J.

"Enrique [MVP Windows]" escribió en el mensaje
news:
| Adobe has discovered a buffer overflow that if successfully exploited
| could crash the application with an increased risk of arbitrary code
| execution. The vulnerability is in a core Adobe Acrobat and Adobe
| Reader application plug-in. If the malicious file is loaded, it could
| exploit the buffer overflow. An update is available to mitigate
| potential malicious activity. This vulnerability (identifier
| CVE-2005-2470) affects the following platforms: Windows, Mac OS, Linux
| and Solaris and the following releases: Adobe Reader 5.1, 6.0-6.0.3,
| 7.0-7.0.2 and Adobe Acrobat 5.0-5.0.5, 6.0-6.0.3, 7.0-7.0.2.
|
| Adobe always recommends that users keep their systems up to date, and
| install the latest update of these applications. More information is
| available for each product from Adobe at
| http://www.adobe.com/support/techdocs/321644.html.
|
|
|
| --
| Saludos,
| Enrique Cortés
| Microsoft MVP - Windows - IE/OE
| (quita la Z)
|
| "Quien se empeña en pegarle una pedrada a la luna no lo conseguirá,
| pero terminará sabiendo manejar la honda".
|
|
|
| Este mensaje se proporciona "como está" sin garantías de ninguna
clase,
| y no otorga ningún derecho.
| This posting is provided "AS IS" with no warranties, and confers no
| rights.
|



____________________________________________________________________________
____
|

Respuesta Responder a este mensaje
Ads by Google
Help Hacer una preguntaSiguiente Respuesta Tengo una respuesta
Search Busqueda sugerida