Results 1 to 2 of 2
2004-07-13, 11:13 #1
- Join Date
- Jan 2001
- Quedgeley, Gloucester, England
- Thanked 1 Time in 1 Post
BufferOverflow vulnerability in Adobe Reader 6.0.1
Probably not major, since nothing exploits it yet.
iDEFENSE discovered and reported this vulnerability to Adobe back in March. Adobe fixed the flaw in version 6.0.2, released 7 June 2004, but did not issue a vendor security advisory, merely refering to the issue as "Security update to further restrict malicious code execution." in the change log.
The only way I could get to update Adobe Reader 6.0.1 to 6.0.2 was to click on the Updates option, whereupon it did a download and then required me to reboot to do the install. And that's for a File Viewer!
Anyone else agree that this is another firm too big for its boots?
John<font face="Script MT Bold"><font color=blue><big><big>John</big></big></font color=blue></font face=script>
Ita, esto, quidcumque...
2004-07-13, 14:32 #2
- Join Date
- Mar 2001
- St Louis, Missouri, USA
- Thanked 1,098 Times in 964 Posts
Re: BufferOverflow vulnerability in Adobe Reader 6.0.1
Yep!!! <img src=/S/bullseye.gif border=0 alt=bullseye width=45 height=15> John. It seems as though Adobe <img src=/S/bash.gif border=0 alt=bash width=35 height=39> has no clue about customer support. Many companies appear to get lost when they reach a certain size.