1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. HTTP Adobe PDF Subroutine Mem. Corrupt

HTTP Adobe PDF Subroutine Mem. Corrupt

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects an attempt to exploit a vulnerability in Adobe Acrobat Reader which may result in remote code execution.

Additional Information

Adobe Acrobat Reader is a free document viewer user for reading and commenting on PDF and PostScript files.

Reports indicate that an attacker can trigger this vulnerability by supplying a malicious PDF file to a user. Note that if a malicious file is opened through Adobe Acrobat Reader, the browser may automatically call Adobe Acrobat Reader to open the file. When the application processes the malicious document, memory becomes corrupted and arbitrary code may execute.

Successfully exploiting this issue may allow a remote attacker to execute arbitrary code in the context of the victim user running the affected application. Failed exploit attampts will likely result in denial-of-service conditions.

An attacker could exploit this issue by enticing a victim to open a malicious PDF file.

Affected

  • Adobe Acrobat 3.0, 3.1, 4.0, 4.0 5, 4.0 5c, 4.0.5 A, 5.0, 5.0.5, 5.0.10, 6.0, 6.0.1, 6.0.2, 6.0.3, 6.0.4, 6.0.5, 7.0, 7.0.1, 7.0.2, 7.0.3
  • Adobe Acrobat 3D
  • Adobe Acrobat Professional 8.0, 7.0, 7.0.1, 7.0.2, 7.0.3, 7.0.4, 7.0.5, 7.0.6, 7.0.7, 7.0.8
  • Adobe Acrobat Reader 8.0, 3.0, 4.0, 4.0 5, 4.0 5c, 4.0.5 A, 5.0, 5.0.5, 5.0.10, 5.1, 6.0, 6.0.1, 6.0.2, 6.0.3, 6.0.4, 7.0, 7.0.1, 7.0.2, 7.0.3, 7.0.4, 7.0.5, 7.0.6, 7.0.7, 7.0.8, 7.0.9
  • Adobe Acrobat Reader (UNIX) 5.0, 5.0 5, 5.0 6, 5.0 7, 5.0.8, 5.0.9, 5.0.10, 5.0.11, 7.0, 7.0.1
  • Adobe Acrobat Standard 8.0, 7.0, 7.0.1, 7.0.2, 7.0.3, 7.0.4, 7.0.5, 7.0.6, 7.0.7, 7.0.8
  • Avaya Interactive Response 2.0
  • Gentoo app-text/acroread 7.0.8, 7.0.9
  • S.u.S.E. Linux 9.0, 10.0
  • S.u.S.E. Novell Linux Desktop 9.0
  • S.u.S.E. openSUSE 10.2
  • S.u.S.E. SUSE Linux Enterprise Desktop 10
  • Sun Solaris 10.0
  • Turbolinux Turbolinux FUJI

Response

Download and install all vendor patches related to this vulnerability.
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube