There are two 0-day vulnerabilities on Adobe Acrobat announced today, all current versions are vulnerable. One exploits the annotation function and the other exploits the custom Dictionary function. Both of these buffer overflow vulnerabilities exist in the Javascript system of the Adobe Acrobat and can be mitigated by disabling Javascript on Adobe Acrobat.
Since the exploits for these vulnerabilities on Linux platform are posted to the Internet, we can just guess that someone will somehow make it work on Windows and use it to spread botnet agents shortly.
http://blogs.adobe.com/psirt/2009/04/update_on_adobe_reader_issue.html
Also check out the DojoSec Monthly Briefing given by Matthew Watchinski of SourceFire VRT.
It deals with the last Adobe JBIG2 vulnerability... which sold for $75k on the black market to someone in China on Jan 1st - almost 30 days before the rest of us knew about it.
source for the 75k/blackmarket comment?
ReplyDeleteCheck the DojoSec Monthly Briefing give by Matthew from SourceFire...link above.
ReplyDelete