Malicious PDF Files Used to Exploit Adobe Vulnerabilities
According to security firm ESET, its researchers have discovered some malicious PDF files that exploit vulnerabilities in PDF reader software with over 25,000 attacks through these files were identified during the 1st-2nd week of October 2008.
Further, the reports said that spammers are exploiting a pair of security flaws in Adobe Acrobat Reader to execute an arbitrary code on victims' computers as well as load malware. The security flaws identified are CVE-2007-5659 and CVE-2007-5020.
Of these, the CVE-2007-5659 flaw causes multiple heap overflows in Adobe's Acrobat 8.1.1 and older versions and in Adobe Reader to allow attackers to remotely execute an arbitrary code via a PDF file with lengthy argume...
» SPAMfighter News - 24-10-2008