Release DateOct 19, 2006 |
Severitymedium |
ImpactSystem compromise: Remote attackers can gain control of vulnerable systems. |
DescriptionThis indicates a possible attempt to exploit a command-execution vulnerability in Adobe Acrobat Reader.The vulnerability is caused by an error when the vulnerable software is handles the filename of a PDF file that includes malicious shell metacharacters. It can be exploited via sending an email that contains a crafted PDF attachment, leading to remote code execution. |
Affected ProductsS.u.S.E. Linux Personal 9.1S.u.S.E. Linux Personal 9.0 x86_64 S.u.S.E. Linux Personal 9.0 Adobe Acrobat Reader (UNIX) 5.0 6 Adobe Acrobat Reader (UNIX) 5.0 5 Adobe Acrobat Reader (UNIX) 5.0 |
Recommended ActionsUpgrade to the latest version of Acrobat Reader (5.0.9 or later). |
Coverage IPS
VCM |
Common Vulnerabilities and Exposures (CVE)CVE-CAN-2004-0630 |
Reference/shttp://www.securityfocus.com/bid/10931 (BugTraq) |
