Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-0142

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2003-0142
Last Modified 05 Sep 2008 04:33:35
Published 18 Aug 2003 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2003-0142

Summary

Adobe Acrobat Reader (acroread) 6, under certain circumstances when running with the "Certified plug-ins only" option disabled, loads plug-ins with signatures used for older versions of Acrobat, which can allow attackers to cause Acrobat to enter Certified mode and run untrusted plugins by modifying the CTIsCertifiedMode function.

Vulnerable Systems

Application

  • Adobe Acrobat Reader 6.0


References

CERT-VN - VU#689835

BUGTRAQ - 20030708 Adobe Acrobat and PDF security: no improvements for 2 years


Last Updated: 27 May 2016 10:37:48