Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-0434

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2003-0434
Last Modified 07 Mar 2011 09:12:36
Published 24 Jul 2003 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2003-0434

Summary

Various PDF viewers including (1) Adobe Acrobat 5.06 and (2) Xpdf 1.01 allow remote attackers to execute arbitrary commands via shell metacharacters in an embedded hyperlink.

Vulnerable Systems

Operating System

  • Mandrakesoft Mandrake Linux 9.0

  • Mandrakesoft Mandrake Linux 9.1

  • Mandrakesoft Mandrake Linux Corporate Server 2.1

  • Redhat Enterprise Linux 2.1

  • Redhat Linux 7.1

  • Redhat Linux 7.2

  • Redhat Linux 7.3

  • Redhat Linux 8.0

  • Redhat Linux 9.0

  • Redhat Linux Advanced Workstation 2.1

Application

  • Adobe Acrobat 5.0.6

  • Xpdf 1.1


References

CERT-VN - VU#200132

REDHAT - RHSA-2003:197

REDHAT - RHSA-2003:196

SECUNIA - 9038

SECUNIA - 9037

BUGTRAQ - 20030709 xpdf vulnerability - CAN-2003-0434

FULLDISC - 20030613 -10Day CERT Advisory on PDF Files

MANDRAKE - MDKSA-2003:071


Last Updated: 27 May 2016 10:37:54