Intrusion Prevention

Adobe.Reader.AcroForm.API.Memory.Corruption

Description

This indicates a possible attempt to exploit a memory-corruption vulnerability in Adobe Acrobat Reader.
The vulnerability is caused by an error in "AcroForm.api" when it handles a PDF file with a malicious "/AcroForm" field. It may allow a remote attacker to execute arbitrary code by sending a crafted PDF file.

Affected Products

Adobe Acrobat 9.3.4 and prior versions
Adobe Acrobat Reader 9.x and prior versions

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Currently we are not aware of any vendor-supplied patches for this issue.