Adobe eBook Reader Data Backup Operation Restriction Bypass

2002-07-19T00:00:00
ID OSVDB:9296
Type osvdb
Reporter Vladimir Katalov(info@elcomsoft.com)
Modified 2002-07-19T00:00:00

Description

Vulnerability Description

eBook Reader contains a flaw that may allow a malicious user to bypass Digital Rights Management (DRM). DRM control of copying, printing and lending is implemented by storing the information in the file itself, which can be backed up prior to exercising rights, and restored back to its initial state. It is possible that the flaw may allow unlimited access to restricted rights resulting in a loss of integrity.

Solution Description

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Short Description

eBook Reader contains a flaw that may allow a malicious user to bypass Digital Rights Management (DRM). DRM control of copying, printing and lending is implemented by storing the information in the file itself, which can be backed up prior to exercising rights, and restored back to its initial state. It is possible that the flaw may allow unlimited access to restricted rights resulting in a loss of integrity.

References:

Mail List Post: http://marc.theaimsgroup.com/?l=full-disclosure&m=102965261426258&w=2 ISS X-Force ID: 9634 CVE-2002-1016 CERT VU: 438867 Bugtraq ID: 5273