Security advisory

Privilege escalation issue in Adobe Reader 8.1.2 for Unix

Release date: March 11, 2008

Vulnerability identifier: APSA08-02

CVE number: CVE-2008-0883

Platform: Unix

Affected software versions

Adobe Reader 8.1.2

Summary

Adobe is aware of a recently published report of a privilege escalation issue in Adobe Reader 8.1.2 for Unix. The launcher script for Adobe Reader 8.1.2 for Unix could allow a malicious local user to escalate their privileges and modify or delete arbitrary files.

Solution

Adobe is planning to release an update to Adobe Reader 8.1.2 for Unix to resolve this issue. A security bulletin will be published on http://www.adobe.com/support/security as soon as that update is available. In the meantime, users are advised to restrict access to their local machine to trusted users.

All documented security vulnerabilities and their solutions are distributed through the Adobe security notification service. You can sign up for the service at the following URL: http://www.adobe.com/cfusion/entitlement/index.cfm?e=szalert

Details

Adobe is aware of a recently published report of a privilege escalation issue in Adobe Reader 8.1.2 for Unix. The launcher script for Adobe Reader 8.1.2 for Unix could allow a malicious local user to escalate their privileges and modify or delete arbitrary files. This issue is not remotely exploitable and requires local access.

Severity Rating

Adobe categorizes this as a moderate issue and recommends that users exercise caution when granting access to their local system.

Acknowledgments

Adobe would like to thank Tavis Ormandy of the Google Security Team for reporting this issue and for working with Adobe to help protect our customers' security.