iDefense Security Advisory 10.30.08 - Remote exploitation of a stack buffer overflow vulnerability in Adobe Systems Inc.'s PageMaker could allow an attacker to execute arbitrary code with the privileges of the current user. A vulnerability exists within the handling of PMD files, the native file format for storing PageMaker documents. When parsing a malformed PMD file, data from the file is copied into a buffer without proper validation. This results in an exploitable stack based buffer overflow. iDefense has confirmed the existence of this vulnerability in Adobe PageMaker version 7.0.1 with the CVE-2007-5169 patch applied. Previous versions may also be affected. However, Adobe InDesign CS, the successor to PageMaker, is not affected.
30285f28d965b9654aef8e6c21708c5bbbf4e22fb01500dce610cc044d6dd20f