Welcome to MalwareRemoval.com, What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.
Overview: A vulnerability within Adobe Reader and Adobe Acrobat has been identified. Under certain circumstances using XML scripts, it is possible to discover the existence of local files.
Adobe has solutions available that can rectify these issues. Please refer to the "Recommendations" section for further information.
Effect: If exploited, it may be possible to discover the existence of local files on an end-user system.
Details: The vulnerability is within the Adobe Reader control. If an XML script is embedded in JavaScript, it is possible to discover the existence of local files. An attacker could then use the information gathered for malicious purposes.
However, the impact is minimized due to the fact that the existence of local files can only be discovered if the complete filenames and paths are known in advance by the attacker.
Recommendations:
Perform one of the following tasks:
-- If you use Adobe Reader 7.x on Windows or Mac OS, download the update to Adobe Reader 7.0.2 from the Adobe website at http://www.adobe.com/support/downloads/ .
-- If you use Adobe Acrobat 7.x on Windows or Mac OS, download the update to Adobe Acrobat 7.0.2 from the Adobe website at http://www.adobe.com/support/downloads/ .
According to Adobe, this XML External Entity vulnerability applies to Adobe Reader and Acrobat 7.0-7.0.1. Version 7.0.2 does not have it.
Are users of previous versions (5.x/6.x) safe?
I am using Acrobat 6.0.3 and cannot afford to upgrade to Acrobat 7, and I cannot install the free Adobe Reader 7, because that will cause integration problems with my full version 6.
As far as I can tell.. this vulnerability seems only to apply to Adobe 7.0-7.0.1. I'm sure that if there had been problems with earlier versions then the articles would have pointed this out.
So unless anyone wants to tell us any different then I would say don't worry about it.
Users browsing this forum: No registered users and 69 guests
Contact us:
Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.