Network Security & Hardware - eWeek


Is the Smart Grid a Dumb Idea?
Surgical Adhesive Offers Smarter Way to Mend Bones
Get Smarter Technology on Your Mobile!
  Network Security & Hardware


Adobe Plugs Holes in Reader, Acrobat



 By: Ryan Naraine
2005-06-15
Article Rating:starstarstarstarstar / 0


There are 0 user comments on this Network Security & Hardware story.


Rate This Article:
Poor Best
Patches are released to cover an information disclosure vulnerability in Adobe's Reader and Acrobat software programs.

Software maker Adobe Systems Inc. on Wednesday acknowledged that an information disclosure vulnerability in two of its products could be exploited by malicious hackers to hijack sensitive system information.

The flaws were flagged--and fixed--in Adobe Reader and Adobe Acrobat, two programs widely used to view and print PDF files.

Resource Library:

Affected versions include Adobe Reader 7.0 and 7.0.1, and Adobe Acrobat 7.0 and 7.0.1 on Windows and Macintosh platforms.

In a published advisory, Adobe said the flaw was found within the Adobe Reader control.

"If an XML script is embedded in JavaScript, it is possible to discover the existence of local files. An attacker could then use the information gathered for malicious purposes," the company warned.

However, Adobe said the threat is minimized because the existence of local files can only be discovered if the complete filenames and paths are known in advance by the attacker.

Read the full story on PDFzone.com: Adobe Plugs Holes in Reader, Acrobat



  Reader Comments: Adobe Plugs Holes in Reader, Acrobat
>>> Be the FIRST to comment on this article!
 

 
 
>>> More Network Security & Hardware Articles          >>> More By Ryan Naraine
 


x}kw89v2zڎ#[ri[XJ<{IlS${O/߸U҃HsbKX BP޻$\8ȴ'-JghSãw&$]ZNUFԫ1en軫Fw2'v-gP;^> \?QwD%x_'Щ=ѩ:€wɔiPلQ͙ۗ>}^~b .pѲGgb^Q$Ё_GEk9JGDq֥qȏB|2G$oqX}؁䛿Q=2t3ݛ6BT Kd/B(?cs?C=~'=i@a5w0vˑ黖8"C1nCUVekVClvi!rs!gKݻHmD%˙8_I@ؓ:Iuh mUr'Өbb#:(Ec9LN\^BZ3ӂ螩[mɧ9\H  1A 4cXT4ny8DrHn6 Ոj)1ᆑgO?LI…N؎MYnݰ뺷}=-:ԍۉ{֛i]Ԓ],r,U)m H&>_iD ӱaGǵHQ~AimȆu{ҡVUBX>T{}޴Gνoq3{kZ7?һPʪ)e>ʑGA nnp[J^׵vSq>g}~j]\r m o%&W JDTRBx$" PcjCG'${@BKoVQ+aASc T$0L" J3zĢ!IuoOVߺnZ:=?nΐ|bP+Mz(#1hؕ3Fz3 7g͛Kvٽ鑳5i>O[=$#t6lnAZ|]kU[_oG!"w󁭡JA(XӀ7? 9d#2Xc]vЎRl!o4f!`FܼNR$9Vˡȟ4R\ 9lb)6K .&7R<&,|YB* b$rݢQ3>LK$o# eE KH@!=F!8N0Fpt/\f~]5F'UsNVVd];yˬ;{R?k5[Mһvz]tZxXaZ`I). Ƹ@]Է7J06Rq^TUG#f[Ԗ-ò˄u~>NQ'}Ymvi|Q}ѦޣR?7ݘiI70i\+Gݺ~NnXŞ*Fԇ9[i`I l"#0Ie&3@yGLν݂23fC?F{7t( u,/= 0/ Z- Be^~}̢81O>bt҇&ܠ~q C|'s\(L7^"{" EEKi@( $hO`r,lbo(?LHX-VpDJm'8.3PK/"ڹ&,S,ЂW-Kᗄtfh(L=?n1!UG,D`v9r,L.Y O6JԭybQ9ִr>Ӥ75 KܺyO5" Xb HS%\EwTM::ޟx=!v<9% t0h3Vh9L) ./| ` SnRM ݜ6,1%͵By Q=6`]2(O>uK\wıAsރn5 ~"Wnzfr#ʇ&fy:epGҶL/ J|z[.z8 9r!M5kb$`CfO <yBN6{rkkF&+)\=P>Д /kb*q (ӧLEۋ)I :3X-8E4W-eSZqlzAn^ӛAt ]֥PK@yC dl+/,;7kc:J+_iiHH*6@\X3-# %.?W0Z?LpSw{{jA_ܰ큡S*+G&,-sV-iVuXjgܲ&P `"7`b\0`NSy9tIz[fL7? )8{yfbqIa)e@ΨԪLs0z q tX?XĞ.Cjб3abea;k R!/_8g׭vG&9Je!6c{i-6!ӮWK(-rI)jEl ؑq,YXTر,>1}6Ⱥ a(Juѧȥi@ @M~!3pPQ@1"N;t/#;Aܧ^{T*# ko`" 2l3s&/ft|pE% i4Q,(J9A)` L] T^C%@#P-W0"FcK鬡cKU1SOm{hAy-X\>(Dm?a"!1}ڣnssQ*rW3 T|ۏfjZ(T+16UT9.J{}|s??=ehČR8pc}y __ PݩsTk/}VAL}6݁ ;}G>N-â,h'Ȑ]M;HhG Ó2R*%1P׃,`T:(*H3adzͼz<_&?!j7j8@v??Cyl)ctx8)ѡ,HrUTՖnR vU#tT# 7)X]QiRiR9viYS)&Vt u| `_ nM==WK$ X] 2j>̌k}Y\SaWּݬ`bcDB:GdH#`Кv*47Gw ԪO6 h)6YS!bW hĞeeS3etjC铰(OPMGF T,ۀ ^093+F_H]MM:f2̯&F}G ϣGjZ)1ߖ,#1s*? э۹+7a*r/|m,Ln1yc%[4w)n<0{L3gF> ioj`$dmhaYk->Q#2!`OR-9L8n6=R.R =cx8i>t1sk'Si l}SUהю"eάɢ(Ci@/%ix]c>/$RAr+T5΀4OxR,WEzy,(U|l"RrMuY;ŏ[oȧUrmVՏG~#W>V y`*+ZR< +86 9 ^F,Zv؀Z57g X~sB5x)@%erIMq {a/;CnK-%.O@^ذ:zf.SnIo. -r/鉚ƲRA3aGq+ZP@iUI+T Z}̡2a{і$}/\EI'sSfn tDSwg#Sj$·RiEmT)玿ߓJ\: /je!EO*'-JpX8YPX9H(PK Yz>ɷw>҄_#aV*S7~.RHC$ |BJ D;}ZPf7&# 99^f>VU'&O!(0H_dpm;dU]uv'@ޏ.}ﻛv~D ۧ>vY}@q3nnow;GA{L[( ^-_ҸGZ@MC~ڝfGtL`NSj_6>p-:%5ރ4 `i8~{LC?rfWϋ۫F|;l᳋Y?`y Br+'~{)\6?;Kߧ݋5?wL.ڝu ߽<rLp'Bj\?tXG^9h5M1&05h<!k<`&ziR_KٺĂKӜ$"j?N3$ne88єZ19ºUXHe`#P($T0r,`$X*Xu2]]4>GG2sE^SF(+bK)"$Dٌ \egiπ/aANa1:(:{_ZaKᷘo9?ů1K7xAdW(tNz4& \3[INj?!4|㿜yQ$M "0xc.A-H7ԺJ9"Ss4vD)fTDxi'y0:Ɩs8쀒N1{7lOء ]nցG39^)ŔL iux2Ƞ3%dBE۰^gx9[R r0xf"64NlyWy#U]s")1Xfx>TAvY?{xXn8ivI'~4: I +=Fz t{Do7ۨ{.|ʜ,=~![3'zxyu?qBΛٿ[o5e's CwNA}i^wl'LUZyZ P>?G$c:I"I^U֭UdU)IȔWN Hƣb[`@Ɍ7COҁ{W&-3(m#{F-8_2{KL7+{ U<㛟tϯ3n8%~WJ][imD)]s25"v%ދKqyej ГGmחB}޿ȿ LĬhg2h덫{Go ?5'|ȞFcԲ؉ǓE{&X r4hgA[ɱ=Ιx < v<.߭[ ?#B;BJ [42UCn?Mk-Ǭ ,Giƿc+ޙU^?2%;hߖc3cp/?+ _?ZR| .wi{\naa0^ ="s(ı߂KCƧ3ӆUe[˭Nrc i?b0-:*b㰠b /_;Bb%q,xzDdId+O$e%!- ۷}njA-Źϒ[iC:5+Ϯ&|"'YIDN(Ϣ´ϳ007Xfl7s<Y.c/è/ DwIѰPZpi*(kj?>t՟rM7 ͏jk~C&'> ?j-vM+U1e؆IQy#P?aPP1T="LyWvP4vԤwr\T>~K$ЇTH*h_K"@V-ebA&rhRaH0DUD+_ʜRܦ)pi(?իׅ$ wK x<~AsQmIte7@HULRyH9D8WAυ41ۑTP% [!RNSǕږ5fx8&`I! k$ƞ&Z߾N$SMR ےLHFlVFҩ3Rtܱ(2%K\,I<@@I"A"qNd EHOALc܉Hz֤Wzvһ1 .gK(ga \۵P|"]_*_Πc(ɩs'$lch`#(R ԢnK֩!bkm*k֣ƻ^n^}ZE-Eى"uP /ntL80_^m€06eI^2p;}]F&a+e \q# w ~~~~}. >ݫ˫pC$G,H\Sv,|REZ!{RX#=ӣЇH*yI"/n֘|#A?+43fFKaI J}<{K@8߭g.e2%ZV H"$I'p8Ob$WG`zO%>e8@H7a^vnI`icU_ҥS)R o2AQ#)bK(oAXt4_._m!ƞSؒ/-,~`գ4w%'yM_ޞHs̉A ,€sDZCz=d(J`X?->cYv eaH$u9**+ѕ;46 Yt>'Rwx s%];-wuąҍY#_ڿoTSDW $aL#{ַW^lԙ-XRÜ1W[__M 1'AU ecR0DjcX|ya:hJ6[?ep:& @H?SJ]EMwIdZ^lKSl8~XTt$ZgR9Sm JG0E$J 2^;b.~yd]k`U oD> S\;>RBY7mayooU+$M42Y$ק[!A?oi-ם택:QnHWx Pe񍏡8Na}4 p(l+BB(D@y5|hl]PߥFgZ$ӌF=[y{©وj|ubCR$tF87o 5Vc2]J5Lh` n*-1' ;>fx41Go(5?}#jg闶UȉG}tq˼ X| ZNܓ-afb6Y}gj w .P4w>>ftDxq~Qalȯxq{Q?c<(o(xzX"Lq})67Ӣ=D(XKQͨ4$Rpl J`֮H^M 2ä=&LA6NYfl /LQӬןfo!۟`n3Eѻyk/x1q2Ga)]u`%hRM:_;EW~Q2Vq_:ddw'|0ek)G>?E}C:^ۏo3ߗ DŢW= !kjb`!O4#|.zIAwy4,~D?S9E=1ۚ>+V8E *96i6)lW-TsZ.Wy=u_8ZՔV-`{dE1{ gzpJ5r . W@9XieZ{#qȋF^*iByKJ K xv',6Ͳb#?(vBAfӓl' pr|jXojzOA>O])Z4W ^Rc$W6 mM{6a$iҙH Wkn3R)59/R\mD 9vsȑۋuN퇩ўb1,9)3KxfV-j%VG4K,2; u: @\umiI=сHzl8?K m+6a^ ʇ&[Q{Za`B ]0]] rh%6qqrpi< 4/]>F P#SC,6M$AeЃ5T?0*k{˫R(ѪV7>2<yWW|%]2Y4V|~} }+NMLSx C7)(ʁޒWq48ڀkE~:xd+L;=~|LROW3\v_K_!ݰVI m{7R[ $y?ZƮEH*& Iujh_Nw[= d,9kU33H@[ 죋La0G'L$EuE) 2;y»(3ʰLXUKsoͲG2qȥ&JZ 0=lV0`A-'i92fg4t\K{6ISʵ?3D4.>5iV>NWvCNZ<:m[8j?N96?v>;vhbv>J5m^kLide(A:Sr=\H^Eƒ"^ûHKvYGcqy 'ۋGa_<)Qe;̋ Q~c401Gch6[֖S~Ƌ#xYb슠SM-GRU8jz67anq4ħEOVn"g(9(%ʯ76R](f#77VF)n.?eCF?|۹y{syпvF?dC( 7_ s %̂%2?0ˌ_}^f%e}"v22ϡeSn&&~oon2/$)CAy#Wpzz;"9(/'R*zUKYF!gȳ+z7^˰s=ce_/ˀq}um&R+ ]Q%>5Mk[I2}Wc|u(X2M*#(^>&c˼$=)>w懤Ix]B&JRW[O'ikr(s<2g)h{470'\vH[QGl`g]#=D~(se&ms?`fE@' @8pm;xɋ s%>| SG075ipy[~|^fJC#DK(xx=*Yۼx0,{|yN؛ڎy@7 J,{3ЫD@.^s/q) ?dD2yhp䣿 t81ti;Ìs 1k]`z4}z<83mJN)gL#[Lot_=F.u7 \˦=wlp* O!0'TbgHɈG?$I[0|qncaY%NAAWd]& A_&|NbhRxXugm}'Ηcӄ0+A ~霰)#,|HTP}HO-N-ONk_M%uy#񏉋Jv1,{ԟ"1P Y]+)^[#|F MPLt5b8gK“J']lw[o5e\)%&/jv[[&ZOeJ`'/2^;' '\#Xl=wl%@A$៶Xa+Nvޒ{־( ;C~EE`A]|eD$@g ߅ϩnSC>X6ٱsh0Ŭ‘Ѷz SO~j\(Co 66x}Ҁ]wVulם@# dd9e7 oܵhB%W#u`'#~"V[œA6p8_@&s ܐ}olI COx r8I W)6;6[ +"ۂ J-Ӭ6sV¹"UXJٍ ,~:3_-rΦ(@PP뀜OWtm:y@tz-E{Ofuݍ2ZWtmk]+l C>`]R>E+ ]'[ۧ3й?-{/e;m*} X^c 0,:091-E66s􋋙Ƚgz^4}jsXC Q_E@G7dyUĄfٵ⑛CCԚR!e´#T 1L(_],RYגWv!{Z~΋|E>WNENE<<*IDy)V@ O{ |>"XǸ0X Vt*Nzf?Pu;}qپ|C*'t[??;oڿˌhT*.㉋oZ5ŧ݋u nғ;M)h!/-(ZNJ`)XF|HVzS_%ȕ/2f#-<#@隣J"4&o(FҢ̰Ge=9TV01{6JܖmJr&s.#KM\eZ)ҦG(5c>tgLt )2)v}ml-c6C-{n_*