Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-1153

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2004-1153
Last Modified 10 Sep 2008 03:29:21
Published 10 Jan 2005 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2004-1153

Summary

Format string vulnerability in Adobe Acrobat Reader 6.0.0 through 6.0.2 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an .ETD document containing format string specifiers in (1) title or (2) baseurl fields.

Vulnerable Systems

Application

  • Adobe Acrobat Reader 6.0

  • Adobe Acrobat Reader 6.0.2

  • Adobe Acrobat Reader 8.0


References

IDEFENSE - 20041214 Adobe Reader 6.0 .ETD File Format String Vulnerability

XF - adobe-acrobat-etd-format-string(18478)

CONFIRM - http://www.adobe.com/support/downloads/detail.jsp?ftpID=2679


Last Updated: 27 May 2016 10:38:55