Adobe Acrobat Reader Remote Code Injection Vulnerability

Adobe Acrobat Reader Remote Code Injection Vulnerability

Cisco Talos researcher recently disclosed a remote code execution vulnerability in Adobe Acrobat Reader DC. Attackers can hide malicious JavaScript code in PDF files. These codes enable document IDs for unauthorized operations to trigger stack buffer overflow when users open PDF documents.

According to Talos, the vulnerability (CVE-2018-4901) was disclosed in December 7, and Adobe released a security update for the vulnerability in February 13. The researcher then published the vulnerability details. The versions affected by the vulnerability are Adobe Acrobat Reader 2018.009.20050 and earlier 2017.011.30070.

Vulnerability details

The Javascript script embedded in a PDF file may cause the Document ID field to be infinitely copied. This will trigger a stack buffer overflow problem when you open a specific document in Adobe Acrobat Reader.
-- Talos

Adobe Acrobat Reader is the most popular and feature-rich PDF Reader. It has a large user base and is usually the default PDF reader in the system. It is often integrated into Web browsers as a plug-in. Therefore, attackers can exploit this vulnerability by inducing users to access malicious webpages or sending email attachments.

Adobe rates the vulnerability as important, which means it presents a certain risk, but no known exploit cases are found.

For more specific vulnerability information, see Talos

* Reference Source: threatpost

This article permanently updates link: https://www.bkjia.com/Linux/2018-03/151179.htm