Denial of service vulnerability in customDictionaryOpen spell method in Adobe Reader (Linux)
|ID: oval:org.secpod.oval:def:18635||Date: (C)2014-05-26 (M)2018-05-07|
|Class: VULNERABILITY||Family: unix|
The host is installed with Adobe Reader before 8.1.5 or Adobe Reader 9 before 9.1.1 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a PDF file that triggers a call to this method with a long string in the second argument. Successful exploitation allow attackers to crash the service or execute arbitrary code.