Adobe Systems Inc. issued an advisory Thursday warning customers that its popular desktop publishing program, PageMaker has two serious vulnerabilities that could be exploited by an attacker to take control of a computer.
The vulnerabilities affect PageMaker versions 7.0.1 and 7.0.2. Adobe issued a patch to plug two flaws and is preparing a patch for a third vulnerability, the vendor said in its PageMaker security advisory.
Danish vulnerability clearinghouse Secunia issued an alert warning that the program contains a boundary error when processing PageMaker files. The error could be exploited by passing a malicious PageMaker file, causing a heap-based buffer overflow. Secunia gave the vulnerabilities a "highly critical" rating.
Adobe credited JJ Reyes of Secunia Research and iDefense Labs with discovering the vulnerabilities.