Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-5666

Overview

Vulnerability Score 6.2 6.2
CVE Id CVE-2007-5666
Last Modified 07 Mar 2011 10:01:06
Published 12 Feb 2008 02:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity HIGH
Authentication NONE

CVE-2007-5666

Summary

Untrusted search path vulnerability in Adobe Reader and Acrobat 8.1.1 and earlier allows local users to execute arbitrary code via a malicious Security Provider library in the reader's current working directory. NOTE: this issue might be subsumed by CVE-2008-0655.

Vulnerable Systems

Application

  • Adobe Acrobat 8.1.1

  • Adobe Acrobat Reader 8.1.1


References

CERT - TA08-043A

CONFIRM - http://www.adobe.com/support/security/advisories/apsa08-01.html

VUPEN - ADV-2008-1966

REDHAT - RHSA-2008:0144

SUNALERT - 239286

SECUNIA - 30840

SECUNIA - 29065

IDEFENSE - 20080208 Adobe Reader Security Provider Unsafe Libary Path Vulnerability

CONFIRM - http://www.adobe.com/support/security/bulletins/apsb08-13.html

GENTOO - GLSA-200803-01

SECUNIA - 29205

Related Patches

Adobe Acrobat 7.1.0 Update for Mac

Adobe Acrobat 8.1.2 Update for Mac

Adobe Reader 8.1.2 Update for Macintosh (PPC) (Rev 2)

Adobe Reader 8.1.2 Update (See Note) (Rev 6)


Last Updated: 27 May 2016 10:46:14