Acrobat Reader contains a flaw that may allow a malicious user to execute arbitrary commands. The issue is triggered when Acrobat Reader tries to convert uuencoded documents into their original format. When doing so it doesn't check for backtick shell metacharacter in the filename before executing a shell command when opened. By exploiting this flaw attacker could construct a file with a name that would execute arbitrary commands resulting in a loss of integrity.

Upgrade to version Acrobat Reader (UNIX) 5.0.9 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

• Secunia Advisory ID: 12285 12388
• ISS X-Force ID: 16973
• CVE ID: 2004-0630 (see also: NVD)
• Related OSVDB ID: 8655
• Mail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2004-08/0514.html
• Vendor URL: http://www.adobe.com/
• Other Advisory URL: http://www.idefense.com/application/poi/display?id=124&type=vulnerabilities
• RedHat RHSA: RHSA-2004:432

• Greg MacManus - iDefense Labs