VID |
28153 |
Severity |
40 |
Port |
139,445 |
Protocol |
TCP |
Class |
SMB |
Detailed Description |
Acrobat Reader versions prior to 6.0.5 contain a buffer overflow vulnerability. Acrobat Reader is a PDF (Portable Document Format) file viewer. The buffer overflow could allow a remote attacker to execute arbitrary code on the system. By crafting a malicious PDF file and sending it to a victim on the affected host, a remote attacker could execute arbitrary code on the host once the PDF file is opened. An attacker could exploit this vulnerability by hosting the malicious file on a Web site and then persuading a potential victim to visit the site, or by sending the file to a potential victim as an email attachment.
* Note: This check requires an account with administrative privileges that can log in to the host being scanned. If these conditions are not met, the check is not performed, which results in a false negative for all vulnerable hosts.
* References: http://www.adobe.com/support/security/bulletins/apsb06-09.html http://secunia.com/advisories/21014/
* Platforms Affected: Adobe Systems Incorporated, Acrobat Reader versions prior to 6.0.5; any operating system, any version |
Recommendation |
Upgrade to the latest version of Acrobat Reader (6.0.5 or later), available from the Adobe Web site at http://www.adobe.com/support/downloads |
Related URL |
CVE-2006-3453 (CVE) |
Related URL |
18943 (SecurityFocus) |
Related URL |
27676 (ISS) |
|