‫ Adobe Reader for Android PDF JavaScript Interface Java Code Execution Vulnerability

IRCAD2014043253

Number: IRCAD2014043253
Date: 2014/04/15

Criticality level: Highly critical

 
Software:

Adobe Reader for Android 11.x

Description

Securify has reported a vulnerability in Adobe Reader for Android, which can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to the application not properly restricting access to certain JavaScript interfaces, which can be exploited to execute arbitrary Java code via a specially crafted PDF file.

The vulnerability is reported in versions 11.1.3 and prior.

Solution:

Update to version 11.2.

Resources:

APSB14-12:

Yorick Koster:

secunia:

http://secunia.com/advisories/57928/

 

نظرات

بدون نظر
شما برای نظر دادن باید وارد شوید

نوشته

 
تاریخ ایجاد: 30 فروردین 1393

امتیاز

امتیاز شما
تعداد امتیازها:0