| VID |
28167 |
| Severity |
40 |
| Port |
139,445 |
| Protocol |
TCP |
| Class |
SMB |
| Detailed Description |
The Adobe AcroPDF ActiveX control has multiple code execution vulnerabilities which exist in versions 7.0.8 and earlier. Adobe Reader and Acrobat versions 7.0.0 through 7.0.8 could allow a remote attacker to execute arbitrary code on the system, caused by multiple vulnerabilities in the AcroPDF ActiveX control. An attacker could exploit these vulnerabilities by constructing a malicious Web page that could potentially allow an attacker to save a file on the user's system if a user visited a malicious Web site or viewed a malicious e-mail message. An attacker who successfully exploited the most severe of these vulnerabilities could execute arbitrary code on the affected host.
* Note: This check requires an account with administrative privileges which can log into the host to scan. Absence of these condition will result in the check not being performed and a False Negative for all vulnerable hosts.
* References:
http://www.adobe.com/support/security/bulletins/apsb06-20.html
http://research.eeye.com/html/alerts/zeroday/20061128.html
http://www.securityfocus.com/archive/1/archive/1/453579/100/0/threaded
http://www.frsirt.com/english/advisories/2006/4751
http://www.kb.cert.org/vuls/id/198908
* Platforms Affected:
Adobe Acrobat versions 7.0.0 through 7.0.8
Adobe Reader versions 7.0.0 through 7.0.8
Microsoft Windows Any version` |
| Recommendation |
Either upgrade to Adobe Reader 8.0 or replace the AcroPDF.dll file to new one, as described in the Adobe Security bulletin at http://www.adobe.com/support/security/bulletins/apsb06-20.html |
| Related URL |
CVE-2006-6027,CVE-2006-6236 (CVE) |
| Related URL |
21155,21338 (SecurityFocus) |
| Related URL |
30574 (ISS) |
|
