Zero Day
Latest Post |
Last 10 Posts |
Archives
Previous Post: Cybercrime friendly EstDomains loses ICANN registrar accreditation
Next Post: Opera sings the security blues
Adobe nukes 'critical' Pagemaker flaws
Posted in:
- Adobe
- Arbitrary Code Execution
- Botnets
- Data theft
- Exploit code
- Malware
- Passwords
- Patch Watch
- Pen testing
- Responsible disclosure
- Vulnerability research
Adobe has released a patch to fix a pair of critical vulnerabilities in its PageMaker 7 software, warning that a hacker could exploit these flaws to "take control of the affected system."
A third vulnerability, confirmed by Adobe, remains unpatched, the company acknowledged in an advisory. The flaws affect PageMaker 7.0.1 and PageMaker 7.0.2.
From Adobe's security bulletin:
- Critical vulnerabilities has been identified in Adobe PageMaker 7.0.1 and PageMaker 7.0.2 that could allow an attacker who successfully exploits these vulnerabilities to take control of the affected system. Adobe has provided a solution for two of the reported vulnerabilities (CVE-2007-6432, CVE-2007-5394), and is currently investigating potential solutions for a third vulnerability (CVE-2007-6021). It is recommended that users update their installations using the instructions provided above, and avoid opening PageMaker files from untrusted or unknown sources. These issues are not remotely exploitable.
Adobe categorizes this as a critical issue and recommends affected users patch their installations, and avoid opening PageMaker files from untrusted or unknown sources.
Secunia Research, one of the companies credited in Adobe's bulletin, has released a separate advisory with technical details of the two patched vulnerabilities.
posted by Ryan Naraine
October 30, 2008 @ 10:52 am
Previous Post: Cybercrime friendly EstDomains loses ICANN registrar accreditation
Next Post: Opera sings the security blues
Last 10 posts:
more Posts (Archives)
WordPress Mobile Edition available at alexking.org.
powered by WordPress.
