Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-0035

Overview

Vulnerability Score 5.1 5.1
CVE Id CVE-2005-0035
Last Modified 07 Mar 2011 09:19:27
Published 02 May 2005 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2005-0035

Summary

The Acrobat web control in Adobe Acrobat and Acrobat Reader 7.0 and earlier, when used with Internet Explorer, allows remote attackers to determine the existence of arbitrary files via the LoadFile ActiveX method.

Vulnerable Systems

Application

  • Adobe Acrobat Reader 4.5

  • Adobe Acrobat Reader 5.0

  • Adobe Acrobat Reader 5.0.5

  • Adobe Acrobat Reader 5.1

  • Adobe Acrobat Reader 6.0

  • Adobe Acrobat Reader 6.0.1

  • Adobe Acrobat Reader 6.0.2

  • Adobe Acrobat Reader 6.0.3

  • Adobe Acrobat Reader 7.0


References

VUPEN - ADV-2005-0310

MISC - http://www.niscc.gov.uk/niscc/docs/re-20050401-00264.pdf

MISC - http://www.hyperdose.com/advisories/H2005-06.txt

CONFIRM - http://www.adobe.com/support/techdocs/331465.html

BID - 12989

OSVDB - 15242

SECUNIA - 14813


Last Updated: 27 May 2016 10:39:38