A design error vulnerability exists in Adobe Reader and Adobe Acrobat Professional. A remote attacker who successfully exploit this vulnerability can control the printer without user's permission. Affected software versions include Adobe Reader 8.1.1 and below and Adobe Acrobat Professional 8.1.1 and below.
2e19644bffa577bd8701a1948a0501cf5426c7953565f785203c1835fdf9c479
Adobe Reader/Acrobat Remote PDF Print Silently Vulnerability
by cocoruder(frankruder@hotmail.com)
http://ruder.cdut.net
Summary:
A design error vulnerability exists in Adobe Reader and Adobe
Acrobat Professional. A remote attacker who successfully exploit this
vulnerability can control the printer without user's permission.
Affected Software Versions:
Adobe Reader 8.1.1 and earlier versions
Adobe Acrobat Professional, 3D and Standard 8.1.1 and earlier versions
Details:
Currently there is no details released because the final patch is
not available, more informations will be updated soon.
Solution:
Adobe has released an advisory for this vulnerability and a patch
for Adobe Reader which are available on:
http://www.adobe.com/support/security/advisories/apsa08-01.html
Fortinet advisory can be found at:
http://www.fortiguardcenter.com
CVE Information:
To be updated
Disclosure Timeline:
2007.11.01 Vendor notified
2007.11.02 Vendor responded
2008.02.07 Initial coordinated disclosure
--EOF--