VWE-2016-2706
Return to current revision
Differences in Content
-
[template]Vulnerability
| cve=
| aka=Suspect PDF Vulnerability -
-
| severity=Low -
+
| severity=Minor -
| difficulty=Easy
| description=Sample PDF included in the ZIP triggers off anti-virus/malware response.
| discover-date=May 30, 2016
| patch-date=July 5, 2016
Due to lack of information from Adobe, it is unclear whether the PDF is actually dangerous, or if the response is a false-positive. As of July 15, 2016, Adobe continues to distribute the flawed PDF on [URL=https://stlab.adobe.com/wiki/index.php/File:Test.pdf]their own web site[/URL]. Nevertheless, these patches replace the suspect file with an updated PDF that does not trigger anti-virus response.
| patches=4.0.12 Patch Level 1
4.0.11 Patch Level 1
4.0.10 Patch Level 2
4.0.9 Patch Level 2
4.0.8 Patch Level 4
4.0.7 Patch Level 5
4.0.6 Patch Level 8
| workaround=Manually remove /vault/model/image/test.pdf from the ZIP.
[/template]