Adobe Reader/Acrobat Remote PDF Print Silently Vulnerability

by cocoruder(frankruder (at) hotmail (dot) com [email concealed])
http://ruder.cdut.net

Summary:

A design error vulnerability exists in Adobe Reader and Adobe
Acrobat Professional. A remote attacker who successfully exploit this
vulnerability can control the printer without user's permission.

Affected Software Versions:

Adobe Reader 8.1.1 and earlier versions
    Adobe Acrobat Professional, 3D and Standard 8.1.1 and earlier versions

Details:

Currently there is no details released because the final patch is
not available, more informations will be updated soon.

Solution:

Adobe has released an advisory for this vulnerability and a patch
for Adobe Reader which are available on:

http://www.adobe.com/support/security/advisories/apsa08-01.html

Fortinet advisory can be found at:

http://www.fortiguardcenter.com

CVE Information:

To be updated

Disclosure Timeline:

2007.11.01        Vendor notified
    2007.11.02        Vendor responded
    2008.02.07        Initial coordinated disclosure

--EOF--