|
|
Subscribe / Log in / New account

acroread: multiple vulnerabilities

Package(s):acroread CVE #(s):CVE-2006-5857 CVE-2007-0045 CVE-2007-0046
Created:January 11, 2007 Updated:October 26, 2009
Description: Adobes acrobat reader has the following vulnerabilities:

The Adobe Reader Plugin has a cross site scripting vulnerability that can be triggered by processes malformed URLs. Arbitrary JavaScript can be served by a malicious web server, leading to a cross-site scripting attack.

Maliciously crafted PDF files can be used to trigger two vulnerabilities, if an attacker can trick a user into viewing the files, arbitrary code can be executed with the user's privileges.

Alerts:
SuSE SUSE-SA:2009:049 acroread, 2009-10-26
Gentoo 200910-03 acroread 2009-10-25
Red Hat RHSA-2007:0021-01 acroread 2007-01-22
Gentoo 200701-16 acroread 2007-01-22
SuSE SUSE-SA:2007:011 acroread 2007-01-22
Red Hat RHSA-2007:0017-01 acroread 2007-01-11
to post comments

acroread: multiple vulnerabilities

Posted Jan 18, 2007 5:37 UTC (Thu) by roelofs (guest, #2599) [Link]

Acroread 7.0.9 is also available directly from Adobe:

Greg


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds