1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. Web Attack: Suspicious Browser Activity 3

Web Attack: Suspicious Browser Activity 3

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature will detects attempts to exploit a Remote Code Execution Vulnerability in Adobe Reader.

Additional Information

Adobe Reader and Acrobat are applications for handling PDF files.

The software is prone to a remote code-execution vulnerability when handling specially crafted PDF files. Specifically, this issue is caused by a use-after-free error in the 'newplayer()' method of the 'Doc.media' JavaScript object.

An attacker can exploit this issue to execute arbitrary code. Failed exploit attempts will likely cause denial-of-service conditions.

This issue affects Reader and Acrobat 9.2 and prior versions.

Response

Currently we are not aware of any vendor-supplied patches. If you feel we are in error or are aware of any recent information, please mail us at: vuldb@securityfocus.com.

NOTE: The vendor in currently investigating the vulnerability and will release updates by January 12, 2010 to resolve the issue.
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube