Tuesday, April 15, 2014

Adobe Reader App for Android Vulnerable to Remote Code Execution



Security on the Android device is getting more high as the new and latest vulnerabilities are addressed. Again one popular app of Android "Adobe Reader" is found to be vulnerable. About 400 million android users have installed Adobe reader on their device. If you are among these, then you must update your Adobe Reader from Google Play store.



Adobe has just released the latest version of Adobe reader after fixing the Remote Code Execution on its previous version. Adobe have published the report for the vulnerability code (CVE-2014-0514) resides in the implementation of JavaScript APIs on Adobe Reader 11.2 that could be exploited to execute arbitrary code within Adobe Reader.

A security researcher Yorick Koster from Securify BV, have noted the vulnerability to Adobe. Explaining the vulnerability, Koster claims that attacker can craft a PDF file with malicious java script that can exploit the victim when he/she open it in affected version of the Adobe Reader.

Successful exploitation allows the attacker, to access the files stored on the Micro SD card and also can read the other personal information present on the device. So it is recommended to update your Adobe Reader from Google Play store.

0 on: "Adobe Reader App for Android Vulnerable to Remote Code Execution"