A security researcher shows that it s possible to launch an attack internally from one PDF onto another already existing PDF. Adobe Acrobat and Reader vulnerabilities could enable arbitrary code execution and are part of a 14-CVE patch update. The out-of-band patches follow a lighter-than-usual Patch Tuesday update earlier this month. The vulnerabilities are in Adobe Prelude, Adobe Experience Manager and Adobe Lightroom. More information is available on this article by emailing jenn.gartner@mailonline.com.
Source: https://threatpost.com/are-pdf-files-wormable-040510/73786/