----------------------------------------------------------------------

Secunia is pleased to announce the release of the annual Secunia
report for 2008.

Highlights from the 2008 report:
 * Vulnerability Research
 * Software Inspection Results
 * Secunia Research Highlights
 * Secunia Advisory Statistics

Request the full 2008 Report here:
http://secunia.com/advisories/try_vi/request_2008_report/

Stay Secure,

Secunia


----------------------------------------------------------------------

TITLE:
Adobe Reader for Linux JavaScript Methods Memory Corruption

SECUNIA ADVISORY ID:
SA34924

VERIFY ADVISORY:
http://secunia.com/advisories/34924/

DESCRIPTION:
Arr1val has discovered two vulnerabilities in Adobe Reader, which can
be exploited by malicious people to potentially compromise a user's
system.

1) An error when processing calls to the "getAnnots()" JavaScript
method can be exploited to corrupt memory via a specially crafted PDF
file.

2) An error when processing calls to the "customDictionaryOpen()"
JavaScript method can be exploited to corrupt memory via a specially
crafted PDF file.

Successful exploitation may allow execution of arbitrary code.

The vulnerabilities are confirmed in version 9.1 for Linux. Other
versions may also be affected.

SOLUTION:
Do not open untrusted PDF documents.

PROVIDED AND/OR DISCOVERED BY:
Arr1val

ORIGINAL ADVISORY:
http://packetstorm.linuxsecurity.com/0904-exploits/spell.txt
http://packetstorm.linuxsecurity.com/0904-exploits/getannots.txt

----------------------------------------------------------------------

About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.

Subscribe:
http://secunia.com/advisories/secunia_security_advisories/

Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/


Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.

----------------------------------------------------------------------

Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

----------------------------------------------------------------------