|Check Point Reference:||SBP-2009-28|
|Date Published:||29 Dec 2009|
|Last Updated:||20 Nov 2016|
|Protection Provided by:||
|Who is Vulnerable?|
|Vulnerability Description||New exploits were released for several remote code execution vulnerabilities that were discovered in the way Adobe Acrobat Reader and Foxit Reader handle specially crafted PDF files. Although various security products provide coverage against many malformed PDF files vulnerabilities, these new exploits could potentially bypass security products by using PDF files that contain obfuscated name objects.|
This protection will detect and block PDF files with obfuscated name objects.
In order for the protection to be activated, update your Security Gateway product to the latest IPS update.For information on how to update IPS, go to SBP-2006-05, click on Protection tab and select the version of your choice.
This protection's log will contain the following information:
Attack Name: Adobe Reader Violation.
Attack Information: PDF Containing Obfuscated Name Objects