Members
Stats
  • Total Posts: 28514
  • Total Topics: 8240
  • Online Today: 816
  • Online Ever: 51419
  • (01. January 2010., 10:27:49)












Author Topic: New Attack Vectors for Adobe JBIG2 Vulnerability  (Read 3762 times)

0 Members and 1 Guest are viewing this topic.

georgecloner

  • SCF VIP Member
  • *****
  • Posts: 171
  • KARMA: 16
  • Gender: Male
New Attack Vectors for Adobe JBIG2 Vulnerability
« on: 11. March 2009., 04:31:37 »

US-CERT is aware of public reports of two new attack vectors for a vulnerability affecting Adobe Reader and Acrobat. This vulnerability is due to a buffer overflow condition that exists in the way Adobe Acrobat Reader handles JBIG2 Streams.

When Adobe Reader is installed on a system, it adds an IFilter that allows applications such as the Windows Indexing Service to index PDF files. If the Windows Indexing Service processes a malicious PDF file stored on the system, the vulnerability can be exploited. Exploitation using this technique can require little to no user interaction.

In addition to adding an IFilter, the Adobe Acrobat and Reader installation process adds a Windows Explorer Shell Extension. If Windows Explorer displays a folder that contains a malicious PDF file, the vulnerability can be exploited. Exploitation using this technique also requires little to no user interaction.

US-CERT encourages users and administrators to incorporate the following workarounds to help mitigate the risks:

    * Locate and unregister the Adobe Reader IFilter using: regsvr32 /u AcroRdIF.dll
    * Locate and unregister the Adobe Acrobat IFilter using: regsvr32 /u AcroIF.dll
    * Disable Adobe Acrobat Windows Shell integration to help mitigate the risk. This can be disabled by executing the following command: regsvr32 /u "%CommonProgramFiles%\Adobe\Acrobat\ActiveX\pdfshell.dll"

Additional information about the Adobe Reader and Acrobat JBIG2 vulnerability can be found in the Vulnerability Notes Database http://www.kb.cert.org/vuls/id/905281.

(US-CERT)
Creativity is a mental and social process involving the generation of new ideas or concepts, or new associations of the creative mind between existing ideas or concepts.

Samker's Computer Forum - SCforum.info

New Attack Vectors for Adobe JBIG2 Vulnerability
« on: 11. March 2009., 04:31:37 »




haz

  • SCF Advanced Member
  • ***
  • Posts: 117
  • KARMA: 26
  • Gender: Male
Re: New Attack Vectors for Adobe JBIG2 Vulnerability
« Reply #1 on: 11. March 2009., 08:15:49 »
So still no patch from Adobe ? well, thats a good point for foxit reader !
Thanks

Samker

  • SCF Administrator
  • *****
  • Posts: 7206
  • KARMA: 291
  • Gender: Male
  • Whatever doesn't kill us makes us stronger.
    • SCforum.info - Samker's Computer Forum
Re: New Attack Vectors for Adobe JBIG2 Vulnerability
« Reply #2 on: 11. March 2009., 09:33:29 »
So still no patch from Adobe ? well, thats a good point for foxit reader !
Thanks


Yesterday, Pato provide us info. and links to latest Adobe updates:

http://scforum.info/index.php/topic,2366.0.html

Check them to be sure...


georgecloner

  • SCF VIP Member
  • *****
  • Posts: 171
  • KARMA: 16
  • Gender: Male
Re: New Attack Vectors for Adobe JBIG2 Vulnerability
« Reply #3 on: 11. March 2009., 12:17:17 »
As recommended by Adobe.com, AdobeReader 9.1 should replace old versions of adobe reader.

Adobe.com already released a new critical patch for the application.

Here's the link: http://www.adobe.com/support/security/bulletins/apsb09-03.html
Creativity is a mental and social process involving the generation of new ideas or concepts, or new associations of the creative mind between existing ideas or concepts.

 

With Quick-Reply you can write a post when viewing a topic without loading a new page. You can still use bulletin board code and smileys as you would in a normal post.

Name: Email:
Verification:
Type the letters shown in the picture
Listen to the letters / Request another image
Type the letters shown in the picture:
Second Anti-Bot trap, type or simply copy-paste below (only the red letters):www.scforum.info:

Enter your email address to receive daily email with 'SCforum.info - Samker's Computer Forum' newest content:

Terms of Use | Privacy Policy | Advertising