Threat Type: Malicious Web Site / Malicious Code
Websense® Security Labs™ has received reports of a proof-of-concept (PoC) exploit code circulating in the wild, exploiting a vulnerability in Adobe Reader 8.1.2, and Adobe Acrobat 8.1.2.
The flaw is a stack buffer overflow that results when parsing specially crafted PDF files (CVE-2008-2992). Successful exploitation allows the attacker the same level of permission rights to the desktop as the victim who opened the PDF file.
We urge customers to update to the latest version of Adobe Reader and Adobe Acrobat. We will continue to monitor the development of this threat.
Screenshot of the PoC exploit's shellcode in memory:
Screenshot of a call to the vulnerable function util.printf() to trigger the error:
Security Update available for Adobe Reader 8 and Acrobat 8