Adobe Reader: Buffer Overflow — GLSA 200508-11

Adobe Reader is vulnerable to a buffer overflow which could potentially lead to execution of arbitrary code.

Affected Packages

app-text/acroread on all architectures
Affected versions < 7.0.1.1
Unaffected versions >= 7.0.1.1

Background

Adobe Reader is a utility used to view PDF files.

Description

A buffer overflow has been reported within a core application plug-in, which is part of Adobe Reader.

Impact

An attacker may create a specially-crafted PDF file, enticing a user to open it. This could trigger a buffer overflow as the file is being loaded, resulting in the execution of arbitrary code.

Workaround

There is no known workaround at this time.

Resolution

All Adobe Reader users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=app-text/acroread-7.0.1.1"

References

Release Date
August 19, 2005

Latest Revision
August 19, 2005: 01

Severity
normal

Exploitable
remote

Bugzilla entries