Fiche créée le 2004-04-09 05:48:52, dernière mise à jour le 2008-03-02 23:49:23
A local overflow exists in Acrobat products. The program fails to validate the /Registry and /Ordering strings resulting in a buffer overflow. With a specially crafted PDF file containing a very long string in /Registry or /Ordering, an attacker can cause arbitrary code execution resulting in a loss of integrity.
|
| |
| Adobe Systems Incorporated for Windows 95/98/NT/2000 Affected |
| Adobe Systems Incorporated for Windows 95/98/NT/2000 Affected |
| Adobe Systems Incorporated 3.0 Affected |
| Adobe Systems Incorporated 4.0 Affected |
| Adobe Systems Incorporated 4.05 Affected |
| Adobe Systems Incorporated 3.0 Affected |
| Adobe Systems Incorporated 4.0 Affected |
| Adobe Systems Incorporated 4.05 Affected |
| |
Attack Type : Input Manipulation
XSS, SQL injection, file retrieval, directory traversal, overflows, URL encoding. |
Découvert le 2000-07-26 07:00:00
|
| Disclosure : OSVDB Verified |
Confirmé le 2000-07-26 07:00:00
|
Exploit : Exploit Rumored
The exploit has been mentioned but not confirmed. Proof of Concept (PoC) has been published to prove the vulnerability but does not exploit it. |
Exploit découvert le 1970-01-01 07:00:00
|
Impact : Loss of Integrity
Assurance that data is unaltered by unauthorized persons.
Examples: XSS, arbitrary command execution, most overflows, most format strings, SQL injection, unauthorized file modification/deletion/creation, remote file inclusion, etc. |
| |
Location : Local Access Required
Requires a local account, shell access, etc. Any vulnerability that doesn't require network layer to exploit. |
| |
| |
| External refs : |
| OSVDB 9291 |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
