With regards to the Adobe Acrobat Reader advisory (#NISR03022004)

To: <bugtraq@xxxxxxxxxxxxxxxxx>, <NTBUGTRAQ@xxxxxxxxxxxxxxxxxxxxxx>, <vulnwatch@xxxxxxxxxxxxx>
Subject: With regards to the Adobe Acrobat Reader advisory (#NISR03022004)
From: "NGSSoftware Insight Security Research" <nisr@xxxxxxxxxxxxx>
Date: Wed, 10 Mar 2004 19:11:03 -0000
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm

Hello all,

I've been inundated with e-mails asking whether operating systems other thanWindows are affected by XFDF overflow. Whilst I did not state that Windowsis the only OS affected, and I should have done, I thought it was clear,incorrectly, that Adobe Acrobat Reader for Windows was indeed the only oneand not Mac, *nix, etc.

From the original advisory:


When the xfdf file is parsed an unsafe call to sprintf is made in
preparation for outputting a debug message using OutputDebugString.

OutputDebugString is a Win32 API function, exported by kernel32.dll.Conseqently, the vulnerable code path will exist only in the Windows versionof Adobe Acrobat Reader.


I hope this clears up any confusion.

Cheers,
David Litchfield
NGSSoftware/NGSConsulting
http://www.nextgenss.com/
+44(0)208 401 0070

Prev by Date: Format string bug in EpicGames Unreal engine
Next by Date: MDKSA-2004:022 - Updated kdelibs packages fix cookie theft vulnerability
Previous by thread: Re: Format string bug in EpicGames Unreal engine
Next by thread: MDKSA-2004:022 - Updated kdelibs packages fix cookie theft vulnerability
Index(es):
- Date
- Thread