Adobe Reader/Acrobat Remote PDF Print Silently Vulnerability
by cocoruder(frankruder (at) hotmail (dot) com [email concealed])
http://ruder.cdut.net
Summary:
A design error vulnerability exists in Adobe Reader and Adobe
Acrobat Professional. A remote attacker who successfully exploit this
vulnerability can control the printer without user's permission.
Affected Software Versions:
Adobe Reader 8.1.1 and earlier versions
Adobe Acrobat Professional, 3D and Standard 8.1.1 and earlier versions
Details:
Currently there is no details released because the final patch is
not available, more informations will be updated soon.
Solution:
Adobe has released an advisory for this vulnerability and a patch
for Adobe Reader which are available on:
http://www.adobe.com/support/security/advisories/apsa08-01.html
Fortinet advisory can be found at:
http://www.fortiguardcenter.com
CVE Information:
To be updated
Disclosure Timeline:
2007.11.01 Vendor notified
2007.11.02 Vendor responded
2008.02.07 Initial coordinated disclosure
--EOF--