Thank you for being a valued part of the CNET community. As of December 1, 2020, the forums are in read-only format. In early 2021, CNET Forums will no longer be available. We are grateful for the participation and advice you have provided to one another over the years.

Thanks,

CNET Support

General discussion

Vulnerability in Adobe Acrobat Reader 5.1 - 03/ 08/04

Mar 8, 2004 4:44AM PST

- Vulnerability in Adobe Acrobat Reader 5.1 -
Oxygen3 24h-365d, by Panda Software (http://www.pandasoftware.com)

Madrid, March 8 2004 - According to NGSSoftware, a security problem has been
detected which affects version 5.1 of Adobe Acrobat Reader when specially
crafted XFDF(*) documents are processed.

Due to this vulnerability, an attacker could construct a file with an .xfdf
extension which, when a user tried to view it with version 5.1 of Acrobat
Reader, could cause a buffer overflow and allow the execution of arbitrary
code.

Users of Adobe Acrobat Reader 5.1 are advised to update the application, by
installing one of the latest versions, available at:
http://www.adobe.com/products/acrobat/readstep2.html

(*)XFDF is a format for representing forms data and annotations in a PDF
document.

Discussion is locked