Adobe Reader/Acrobat Remote PDF Print Silently Vulnerability

by cocoruder(frankruder@hotmail.com)
http://ruder.cdut.net


Summary:

    A design error vulnerability exists in Adobe Reader and Adobe
Acrobat Professional. A remote attacker who successfully exploit this
vulnerability can control the printer without user's permission.



Affected Software Versions:

    Adobe Reader 8.1.1 and earlier versions
    Adobe Acrobat Professional, 3D and Standard 8.1.1 and earlier versions



Details:

    Currently there is no details released because the final patch is
not available, more informations will be updated soon.



Solution:

    Adobe has released an advisory for this vulnerability and a patch
for Adobe Reader which are available on:

    http://www.adobe.com/support/security/advisories/apsa08-01.html

    Fortinet advisory can be found at:

    http://www.fortiguardcenter.com



CVE Information:

    To be updated



Disclosure Timeline:

    2007.11.01        Vendor notified
    2007.11.02        Vendor responded
    2008.02.07        Initial coordinated disclosure



--EOF--

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/