CVE-2004-0630
10
CVSS SCORE
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Description
The uudecoding feature in Adobe Acrobat Reader 5.0.5 and 5.0.6 for Unix and Linux, and possibly other versions including those before 5.0.9, allows remote attackers to execute arbitrary code via shell metacharacters ("`" or backtick) in the filename of the PDF file that is provided to the uudecode command.
CVSS Vector Details
Attack Vector
Network
Attack Complexity
Low
Confidentiality
C
Integrity
C
Availability
C
Affected Software Configurations
- a adobe acrobat_reader 5.0 * * * * * * *
- a adobe acrobat_reader 5.0.5 * * * * * * *
- a adobe acrobat_reader 5.0.6 * * * * * * *
Weaknesses (CWE)
- NVD-CWE-Other
References & External Links
- http://security.gentoo.org/glsa/glsa-200408-14.xml
- http://www.adobe.com/support/techdocs/322914.html
- http://www.idefense.com/application/poi/display?id=124&type=vulnerabilities
- http://www.redhat.com/support/errata/RHSA-2004-432.html
- http://www.securityfocus.com/bid/10931
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16973
- http://security.gentoo.org/glsa/glsa-200408-14.xml
- http://www.adobe.com/support/techdocs/322914.html
- http://www.idefense.com/application/poi/display?id=124&type=vulnerabilities
- http://www.redhat.com/support/errata/RHSA-2004-432.html
- http://www.securityfocus.com/bid/10931
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16973