Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-1347

Overview

Vulnerability Score 2.6 2.6
CVE Id CVE-2005-1347
Last Modified 05 Sep 2008 04:48:54
Published 02 May 2005 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2005-1347

Summary

** UNVERIFIABLE ** NOTE: this issue describes a problem that can not be independently verified as of 20050421. Adobe Acrobat reader (AcroRd32.exe) 6.0 and earlier allows remote attackers to cause a denial of service ("Invalid-ID-Handle-Error" error) and modify memory beginning at a particular address, possibly allowing the execution of arbitrary code, via a crafted PDF file. NOTE: the vendor has stated that the reporter refused to provide sufficient details to confirm the issue. In addition, due to the lack of details in the original advisory, an independent verification is not possible. Finally, the reliability of the original reporter is unknown. This item has only been assigned a CVE identifier for tracking purposes, and to serve as a concrete example of the newly defined UNVERIFIABLE and PRERELEASE content decisions in CVE, which must be discussed by the Editorial Board. Without additional details or independent verification by reliable sources, it is highly likely that this item will be REJECTED.

Vulnerable Systems

Application

  • Adobe Acrobat Reader 3.0

  • Adobe Acrobat Reader 5.0.10

  • Adobe Acrobat Reader 6.0


References

XF - acrobat-reader-invalid-id-handle-bo(20216)

OSVDB - 15850

MISC - http://www.alphahackers.com/advisories/acrobat6.txt

SECTRACK - 1013774


Last Updated: 27 May 2016 10:40:08