|Check Point Reference:||CPAI-2012-153|
|Date Published:||30 Apr 2012|
|Protection Provided by:||
|Who is Vulnerable?|| Adobe Reader X (10.1.2) and earlier 10.x versions for Windows and Macintosh |
Adobe Reader 9.5 and earlier 9.x versions for Windows and Macintosh
Adobe Reader 9.4.6 and earlier 9.x versions for Linux
|Vulnerability Description||An insecure library loading vulnerability has been reported in Adobe Reader installer.|
|Vulnerability Details||The vulnerability is due to an error in the way the Adobe Reader installer loads executables. A remote attacker could exploit this issue by enticing a user to open a legitimate PDF file that is located in the same network directory as a specially crafted executable file. Successful exploitation could allow an attacker to execute arbitrary code on the target system.|
This protection will detect and block the transferring of malicious executable files over a network share.
In order for the protection to be activated, update your Security Gateway product to the latest IPS update. For information on how to update IPS, go to SBP-2006-05, Protection tab and select the version of your choice.
SmartView Tracker will log the following entries:
Attack Name: Adobe Reader Violation
Attack Information: Adobe Reader Installer Security Bypass (APSB12-08)