Adobe Acrobat < 8.1.1 Crafted PDF File Arbitrary Code Execution
High Nessus Plugin ID 40799
SynopsisThe version of Adobe Acrobat on the remote Windows host allows execution of arbitrary code.
DescriptionThe version of Adobe Acrobat installed on the remote host is earlier than 8.1.1. Such versions allow execution of arbitrary code by means of a specially crafted PDF file with a malicious 'mailto:' link.
Note that the issue only exists on systems running Windows XP or Windows 2003 with Internet Explorer 7.0.
SolutionUpgrade to Adobe Acrobat 8.1.1 or later or disable 'mailto' support as described in the vendor advisory.