Adobe Acrobat Reader allows users to view and print documents in Portable
Document Format (PDF).
An input validation flaw was discovered in a JavaScript engine used by
Acrobat Reader. A malicious PDF file could cause Acrobat Reader to crash
or, potentially, execute arbitrary code as the user running Acrobat Reader.
(CVE-2008-2641)
An insecure temporary file usage issue was discovered in the Acrobat Reader
“acroread” startup script. A local attacker could potentially overwrite
arbitrary files that were writable by the user running Acrobat Reader, if
the victim ran “acroread” with certain command line arguments.
(CVE-2008-0883)
All acroread users are advised to upgrade to these updated packages, that
contain Acrobat Reader version 8.1.2 Security Update 1, and are not
vulnerable to these issues.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | 5 | i386 | acroread-plugin | < 8.1.2.SU1-2.el5 | acroread-plugin-8.1.2.SU1-2.el5.i386.rpm |
RedHat | 5 | i386 | acroread | < 8.1.2.SU1-2.el5 | acroread-8.1.2.SU1-2.el5.i386.rpm |