[Advisory Update]Adobe Reader/Acrobat Remote Vul
[UPDATE]Adobe Reader/Acrobat Remote PDF Print Silently Vulnerability
by cocoruder(frankruder@hotmail.com)
http://ruder.cdut.net, updated on 2008.05.06
Summary:
A design error vulnerability exists in Adobe Reader and Adobe Acrobat Professional. A remote attacker who successfully exploit this vulnerability can control the printer without user's permission.
Affected Software Versions:
Adobe Reader 8.1.1 and earlier versions
Adobe Acrobat Professional, 3D and Standard 8.1.1 and earlier versions
Details:
This vulnerablity due to the design error of the javascript fucntion "DOC.print()", following are the annotates of the function in Adobe's Javascript API Reference(named "js_api_reference.pdf"):
Tags: Adobe, Adobe Acrobat, Adobe Reader, Advisory, Vulnerability