Home | Data Center | Contact US | Login

Á¦¸ñ Adobe Reader/Acrobat ½Å±Ô Ãë¾àÁ¡À¸·Î ÀÎÇÑ ÇÇÇØ ÁÖÀÇ
ÀÛ¼ºÀÏ 2009-12-21 09:50:08

¡à Á¦¸ñ: Adobe Reader/Acrobat ½Å±Ô Ãë¾àÁ¡À¸·Î ÀÎÇÑ ÇÇÇØ ÁÖÀÇ


¡à °³¿ä

  o Adobe Reader/Acrobat¿¡¼­ ¿ø°ÝÄÚµå ½ÇÇàÀÌ °¡´ÉÇÑ ½Å±Ô Ãë¾àÁ¡ÀÌ ¹ß°ßµÇ¾î »ç¿ëÀÚÀÇ
    
ÁÖÀǸ¦ ¿äÇÔ [1-2]
  o
ÇöÀç ÇØ´ç Ãë¾àÁ¡À» °ø°ÝÇϱâ À§ÇØ ¾ÇÀÇÀûÀ¸·Î ÀÛ¼ºµÈ PDF ÆÄÀÏÀÌ ¹ß°ßµÇ¾úÀ¸¹Ç·Î,
    Adobe Reader/Acrobat
»ç¿ëÀÚ´Â ¸ÞÀÏ/¸Þ½ÅÀú·Î Àü¼ÛµÈ Ãâó°¡ ºÒºÐ¸íÇÑ PDF ÆÄÀÏÀ»
    
¿­¶÷ÇÏÁö ¾Êµµ·Ï ÁÖÀÇÇÏ¿©¾ß ÇÔ [3]


¡à ¿µÇâ

  o ¾ÇÀÇÀûÀ¸·Î ÀÛ¼ºµÈ PDF ¹®¼­¸¦ ¿­¾îº¼ °æ¿ì ÇÇÇØÀÚ ½Ã½ºÅÛ¿¡ ¾Ç¼ºÄڵ尡 ¼³Ä¡µÇ°Å³ª
    
±× ¿Ü ¹®¼­¿¡ »ðÀÔµÈ ¾ÇÀÇÀûÀÎ ¸í·ÉÀÌ ½ÇÇàµÉ ¼ö ÀÖÀ½ [1-3]


¡à ¼³¸í

  o Adobe Reader/Acrobat Ãë¾àÁ¡ 1°ÇÀÌ ¾Æ·¡¿Í °°ÀÌ ¹ßÇ¥µÊ
    - Adobe Reader/Acrobat
¿ø°ÝÄÚµå ½ÇÇà Ãë¾àÁ¡ (CVE-2009-4324) [4]


¡à ÇØ°á ¹æ¾È

  o ÇöÀç ÇØ´ç Ãë¾àÁ¡¿¡ ´ëÇÑ º¸¾È¾÷µ¥ÀÌÆ®´Â ¹ßÇ¥µÇÁö ¾ÊÀ½
  o
º¸¾È¾÷µ¥ÀÌÆ®°¡ ¹ßÇ¥µÇ±â Àü±îÁö ´ÙÀ½°ú °°Àº ÀýÂ÷¿¡ µû¶ó JavaScript ±â´ÉÀ» ÁßÁö [1]
   *
ÁÖÀÇ: JavaScript ±â´ÉÀ» ÁßÁöÇÒ ½Ã, JavaScript ±â´ÉÀ» »ç¿ëÇÏ´Â ÀϺΠPDF°¡ Á¤»óÀûÀ¸·Î
             
º¸ÀÌÁö ¾ÊÀ» ¼ö ÀÖÀ½
    1. Acrobat
À̳ª Adobe Reader¸¦ ½ÇÇà
    2.
¸Þ´º¿¡¼­ ÆíÁý(E)>±âº» ¼³Á¤(N)À» ¼±ÅÃ
    3.
ÇÏ´ÜÀÇ JavaScript Ä«Å×°í¸®¸¦ ¼±ÅÃ
     


    4.
»ó´ÜÀÇ Acrobat JavaScript »ç¿ë °¡´É(J)À» ¼±Åà ÇØÁ¦
    5.
È®ÀÎ ¹öÆ°À» Ŭ¸¯
  o
Ãë¾àÁ¡ ³ëÃâ·Î ÀÎÇÑ ÇÇÇØ¿¹¹æÀ» À§ÇØ ¾Æ·¡¿Í °°ÀÌ ¾ÈÀüÇÑ ÀÎÅÍ³Ý ÀÌ¿ë ½À°üÀ» 
    
ÁؼöÇØ¾ß ÇÔ
    -
½Å·ÚµÇÁö ¾ÊÀº À¥»çÀÌÆ®ÀÇ PDF ÆÄÀÏ ´Ù¿î·Îµå ÁÖÀÇ
    -
ÀǽɵǴ À̸ÞÀÏ¿¡ Æ÷ÇÔµÈ PDF ÆÄÀÏ ¸µÅ© ¶Ç´Â ÷ºÎ¸¦ Ŭ¸¯ÇÏÁö ¾ÊÀ½
    -
°³ÀιæÈ­º®°ú ¹é½ÅÁ¦Ç° »ç¿ë µî


 
¡à ¿ë¾î Á¤¸®

  o PDF (Portable Document Format): Adobe SystemsÞä°¡ 2D ¹®¼­¸¦ Ç¥ÇöÇϱâ À§ÇØ ¸ðµç
    
¿î¿µÃ¼Á¦¿¡¼­ ±¸µ¿ °¡´ÉÇϵµ·Ï °³¹ßÇÑ ÆÄÀÏ Çü½ÄÀÓ
  o Adobe Reader: PDF
¹®¼­ÀÇ ÆíÁý ±â´ÉÀº ¾øÀÌ º¸±â/Àμ⸸ ÇÒ ¼ö ÀÖ´Â ¹«·á ÇÁ·Î±×·¥
  o Adobe Acrobat: PDF
¹®¼­ ÆíÁý/Á¦ÀÛÀ» Áö¿øÇÏ´Â »ó¿ë ÇÁ·Î±×·¥


¡à Âü°í »çÀÌÆ®
[1] http://www.adobe.com/support/security/advisories/apsa09-07.html
[2] http://blogs.adobe.com/psirt/2009/12/new_adobe_reader_and_acrobat_v.html
[3] http://www.symantec.com/business/security_response/writeup.jsp?docid=2009-121422-3337-99
[4] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4324
[5] http://kb2.adobe.com/cps/532/cpsid_53237.html
[6] http://www.vupen.com/english/advisories/2009/3518
[7] http://www.securityfocus.com/bid/37331

  MS IIS ÆÄÀÏ È®ÀåÀÚ Ã³¸®¿À·ù Ãë¾àÁ¡ ÁÖÀÇ
  Adobe Flash Player ¹× Air ´ÙÁß Ãë¾àÁ¡ º¸¾È¾÷µ¥ÀÌÆ® ±Ç°í






ȸ»ç¼Ò°³ °³ÀÎÁ¤º¸Ãë±Þ¹æħ ÀÌ¿ë¾à°ü À̸ÞÀÏÁÖ¼Ò ¹«´Ü¼öÁý°ÅºÎ CONTACT US IDC ¾àµµ
ȸ»ç¼Ò°³ °³ÀÎÁ¤º¸Ãë±Þ¹æħ ÀÌ¿ë¾à°ü À̸ÞÀÏÁÖ¼Ò ¹«´Ü¼öÁý°ÅºÎ CONTACT US IDC ¾àµµ ȸ»ç¼Ò°³ °³ÀÎÁ¤º¸Ãë±Þ¹æħ ÀÌ¿ë¾à°ü À̸ÞÀÏÁÖ¼Ò ¹«´Ü¼öÁý°ÅºÎ CONTACT US IDC ¾àµµ