Spinner
16 Jun 2005, 8:20pm
Adobe yesterday released patches for security vulnerabilities found in Adobe Reader 7.0 and 7.0.1, and in Adobe Acrobat 7.0 and 7.0.1.
Download: Adobe Acrobat 7.0.2 Professional and Standard Patch (http://ardownload.adobe.com/pub/adobe/acrobat/win/7x/7.0.2/misc/Acro-Reader_702_Update.exe) (4.99MB)
Download: Adobe Reader 7.0.2 Patch (http://ardownload.adobe.com/pub/adobe/acrobat/win/7x/7.0.2/misc/Acro-Reader_702_Update.exe) (4.99MB)
According to Adobe officials, the vulnerability is within the Adobe Reader control. If an XML script is embedded in JavaScript, it is possible to discover the existence of local files, according to a security advisory from the company. An attacker could then maliciously use the gathered information. But the statement pointed out that the local files can be found only if the attacker knows the complete file names and paths in advance of such an attack.
Source: Adobe (http://www.adobe.com/support/downloads/main.html)
Download: Adobe Acrobat 7.0.2 Professional and Standard Patch (http://ardownload.adobe.com/pub/adobe/acrobat/win/7x/7.0.2/misc/Acro-Reader_702_Update.exe) (4.99MB)
Download: Adobe Reader 7.0.2 Patch (http://ardownload.adobe.com/pub/adobe/acrobat/win/7x/7.0.2/misc/Acro-Reader_702_Update.exe) (4.99MB)
According to Adobe officials, the vulnerability is within the Adobe Reader control. If an XML script is embedded in JavaScript, it is possible to discover the existence of local files, according to a security advisory from the company. An attacker could then maliciously use the gathered information. But the statement pointed out that the local files can be found only if the attacker knows the complete file names and paths in advance of such an attack.
Source: Adobe (http://www.adobe.com/support/downloads/main.html)