This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

The current adobe pdf plug-in is vulnerable to malicious attack that can compromise my system, how do I upgrade to another version?

  • 3 پاسخ
  • 4 have this problem
  • 7 views
  • آخرین پاسخ توسّط Xircal

more options

A vulnerability has been discovered in Adobe Reader/Acrobat, which can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to a boundary error within CoolType.dll when processing the "uniqueName" entry of SING tables in fonts and can be exploited to cause a stack-based buffer overflow by e.g. tricking a user into opening a malicious PDF file containing a specially crafted embedded font.

The vulnerability is reported in version 8.2.4 (confirmed) and prior and version 9.3.4 (confirmed) and prior.

NOTE: The vulnerability is currently being actively exploited.

A vulnerability has been discovered in Adobe Reader/Acrobat, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error within CoolType.dll when processing the "uniqueName" entry of SING tables in fonts and can be exploited to cause a stack-based buffer overflow by e.g. tricking a user into opening a malicious PDF file containing a specially crafted embedded font. The vulnerability is reported in version 8.2.4 (confirmed) and prior and version 9.3.4 (confirmed) and prior. NOTE: The vulnerability is currently being actively exploited.

All Replies (3)

more options

Adobe is planning to release patches shortly. See Adobe advisory

more options

There's more on the story @ H-online if you're interested.