
Adobe, Apple, and Opera - The BugBlog Report 1/8/07

Written by Bruce Kratofil
Published January 08, 2007
Part of BugBlog

Here are some of the most significant bugs from the past week in the BugBlog:

There are a number of bugs in the Adobe Acrobat Plug-In for browsers, and in the free Adobe Reader 6 and 7. A malicious website may be able to carry out cross-site scripting attacks because the browser plug-in doesn't correctly validate URI parameters. There's no official word from Adobe, although US CERT says that it appears the bugs were fixed in Adobe Reader 8. Read their report. Stefano Di Paola, Giorgio Fedon, and Elia Florio are credited with finding these bugs. UPDATE: Adobe now has a bulletin.

There is a bug in the way that Apple QuickTime handles RTSP (Real Time Streaming Protocol) links. It may be possible for an attacker to construct one of these links so that it triggers a buffer overflow, which could be used to run hostile code on your computer. According to the Secunia website, the bug has been verified in QuickTime 7.1.3.100 for Windows; it is reported to affect other Windows and Mac versions as well. Secunia credits LMH for finding the bug. It comes from the "Month of Apple Bugs" website.

Two bugs have been discovered in Opera Software's Opera 9 web browser that may allow attackers to sneak hostile code onto a computer. One bug is in the way Opera handles DHT markers in JPEG files. The other is in the way matrices are handled in JavaScript and SVG. These bugs have been fixed in Opera 9.10. Opera credits iDefense Labs for finding these bugs.
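The Opera item above says only that DHT (Define Huffman Table) markers were mishandled. The following is an added example, not Opera's code or fix: a small JPEG marker walker that applies the generic well-formedness rules for DHT segments from the JPEG spec (ITU T.81) before a file is handed to a decoder. The sample files at the bottom are constructed for this example; one is valid, the other declares more Huffman symbols than the segment actually carries, which is the kind of length mismatch a decoder must refuse rather than read past.

```python
"""Walk a JPEG's marker segments and validate every DHT (Define Huffman
Table) segment before the bytes reach a decoder.

Added example, not Opera's code: the bug report above says only that
Opera 9 mishandled DHT markers, so the checks here are the generic
well-formedness rules from the JPEG spec (ITU T.81), not a reconstruction
of Opera's defect.
"""
import struct

SOI, EOI, SOS, DHT = 0xFFD8, 0xFFD9, 0xFFDA, 0xFFC4


def iter_segments(data: bytes):
    """Yield (marker, payload) for each segment from SOI up to SOS or EOI,
    refusing any segment whose declared length runs past the buffer."""
    if data[:2] != b"\xff\xd8":
        raise ValueError("missing SOI")
    pos = 2
    while pos + 2 <= len(data):
        if data[pos] != 0xFF:
            raise ValueError(f"expected marker at offset {pos}")
        marker = 0xFF00 | data[pos + 1]
        if marker == EOI:
            return
        if pos + 4 > len(data):
            raise ValueError("truncated segment header")
        # The 16-bit length field counts itself but not the marker bytes.
        length = struct.unpack(">H", data[pos + 2:pos + 4])[0]
        if length < 2 or pos + 2 + length > len(data):
            raise ValueError(f"segment 0x{marker:04X} length {length} overruns file")
        yield marker, data[pos + 4:pos + 2 + length]
        if marker == SOS:
            return  # entropy-coded data follows; stop walking markers
        pos += 2 + length
    raise ValueError("truncated before EOI")


def validate_dht(payload: bytes) -> list[tuple[int, int, int]]:
    """Check one DHT payload; return (table_class, table_id, code_count) per table.

    Layout per table (T.81 B.2.4.2): 1 byte Tc/Th, 16 code-length counts,
    then sum(counts) symbol values. A decoder that trusts the counts without
    this bounds check reads past the end of the segment."""
    tables = []
    pos = 0
    while pos < len(payload):
        if pos + 17 > len(payload):
            raise ValueError("DHT table header truncated")
        tc, th = payload[pos] >> 4, payload[pos] & 0x0F
        if tc > 1 or th > 3:
            raise ValueError(f"bad DHT table class/id {tc}/{th}")
        code_count = sum(payload[pos + 1:pos + 17])
        if code_count > 256:
            raise ValueError(f"DHT declares {code_count} codes, max is 256")
        if pos + 17 + code_count > len(payload):
            raise ValueError("DHT symbol values overrun segment")
        tables.append((tc, th, code_count))
        pos += 17 + code_count
    if not tables:
        raise ValueError("empty DHT segment")
    return tables


def count_huffman_tables(data: bytes) -> int:
    """Return the number of well-formed Huffman tables, or raise ValueError."""
    return sum(len(validate_dht(p)) for m, p in iter_segments(data) if m == DHT)


def _dht_file(counts: list[int], values: bytes) -> bytes:
    """Constructed sample: SOI, one DHT holding one table (class 0, id 0), EOI."""
    table = bytes([0x00]) + bytes(counts) + values
    return (b"\xff\xd8" + b"\xff\xc4" + struct.pack(">H", 2 + len(table))
            + table + b"\xff\xd9")


# Two 2-bit codes with two matching symbol bytes: well formed.
GOOD_JPEG = _dht_file([0, 2] + [0] * 14, b"\x00\x01")
# Counts claim 200 symbols but only 2 are present: a decoder trusting the
# counts would read far past the segment.
BAD_JPEG = _dht_file([0, 200] + [0] * 14, b"\x00\x01")

if __name__ == "__main__":
    print("good:", count_huffman_tables(GOOD_JPEG))
    try:
        count_huffman_tables(BAD_JPEG)
    except ValueError as exc:
        print("bad rejected:", exc)
```

The two checks that matter are the ones a hurried decoder tends to skip: the segment length is compared against the remaining file before the payload is sliced, and the per-table symbol count derived from the 16 count bytes is compared against the remaining payload before any symbol is read.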

Bruce Kratofil blogs on bugs and other things that can go wrong with your computer at The BugBlog, and writes about computers and economics at BJK Research.

Comments

#1 — January 8, 2007 @ 23:17PM — John Dowdell [URL]

"There's no official word from Adobe...."

Actually, the detailed Adobe Security Advisory was published on Thursday of last week:

This potential cross-site snooping exploit was already detected last year, and protected against in last autumn's free download of Adobe Reader 8. Updates and intranet installers for older versions were already in the works, for those whose environments do not permit using the current version, and I believe these older versions will also be online tomorrow.

(What's the exploit? Many plugins can pass "javascript:" requests to browsers. If you're visiting evil sites or clicking fake URLs in email, they can request a PDF on a legit site, passing some JavaScript requests in the URLs. Older versions of Adobe Reader will pass this request to whichever browser is in use, and some browsers will then get confused about which domain is making the request, potentially leading to cookie-sniffing or session-hijacking. As usual, keeping your internet software updated and current is a strong way to guard against any such exploits.)

Follow-up news should be available tomorrow, in the Adobe Security Center, from what I currently understand.

tx, jd/adobe
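Both the report above ("doesn't correctly validate URI parameters") and this comment ("javascript:" requests handed on to the browser) describe the same defensive gap: a parameter that is supposed to hold a URL is forwarded without checking its scheme. The following is an added example, not Adobe's or any browser's code, of the check a plug-in or web application should apply to URL-typed parameters. The function names and the sample query string are constructed for this example; the normalisation mirrors how browsers strip leading control characters and embedded tabs and newlines before parsing a URL, which is why a naive `startswith("javascript:")` test is not enough.

```python
"""Reject URL-typed parameters whose scheme is anything but http(s).

Added example, not Adobe's or any browser's code: the report and comment
above say only that the plug-in did not validate URI parameters and that
"javascript:" requests reached the browser. Function names and the sample
query string are constructed for this example.
"""
import re
from urllib.parse import parse_qsl

ALLOWED_SCHEMES = {"http", "https"}

# Browsers drop leading C0 controls/space and embedded tab/CR/LF when they
# parse a URL, so a validator that skips this step lets "java\tscript:" through.
_LEADING_JUNK = re.compile(r"^[\x00-\x20]+")
_INNER_JUNK = re.compile(r"[\t\r\n]")
_SCHEME = re.compile(r"([A-Za-z][A-Za-z0-9+.\-]*):")


def canonical_scheme(value: str) -> str:
    """Lowercased scheme a browser would see for `value`, or '' for a relative reference."""
    v = _INNER_JUNK.sub("", _LEADING_JUNK.sub("", value))
    m = _SCHEME.match(v)
    return m.group(1).lower() if m else ""


def is_safe_url_param(value: str) -> bool:
    """Allow http(s) and scheme-less relative references; refuse every other scheme."""
    return canonical_scheme(value) in ALLOWED_SCHEMES | {""}


def risky_params(query: str) -> list[str]:
    """Names of query parameters whose (percent-decoded) value is not a safe URL."""
    return [name for name, value in parse_qsl(query, keep_blank_values=True)
            if not is_safe_url_param(value)]


# Constructed sample query: one legitimate PDF link, one obfuscated
# javascript: value (leading space, embedded tab, mixed case, all percent-encoded).
SAMPLE_QUERY = "doc=https://example.com/a.pdf&next=%20JAVA%09SCRIPT%3Avoid(0)"

if __name__ == "__main__":
    print(risky_params(SAMPLE_QUERY))  # ['next']
```

The allow-list approach is deliberate: enumerating the one or two schemes a parameter legitimately needs is far safer than trying to deny `javascript:`, `data:`, `vbscript:` and whatever the next browser happens to accept.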

#2 — January 9, 2007 @ 08:01AM — Bruce Kratofil

John -

You are correct. In fact, there's a bug in my bug report. I used the original version, released before Adobe's bulletin, when I should have used the revised bug report, which included the link to Adobe:

There are a number of bugs in the Adobe Acrobat Plug-In for browsers, and in the free Adobe Reader 6 and 7. A malicious website may be able to carry out cross-site scripting attacks because the browser plug-in doesn't correctly validate URI parameters. There's no official word from Adobe, although US CERT says that it appears the bugs were fixed in Adobe Reader 8. Read their report. Stefano Di Paola, Giorgio Fedon, and Elia Florio are credited with finding these bugs. UPDATE: Adobe now has a bulletin.
