CVE-2004-0632
7.5
CVSS SCORE
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Description
Adobe Reader 6.0 does not properly handle null characters when splitting a filename path into components, which allows remote attackers to execute arbitrary code via a file with a long extension that is not normally handled by Reader, triggering a buffer overflow.
CVSS Vector Details
Attack Vector
Network
Attack Complexity
Low
Confidentiality
P
Integrity
P
Availability
P
Affected Software Configurations
- a adobe acrobat 6.0 * * * * * * *
- a adobe acrobat 6.0.1 * * * * * * *
- a adobe acrobat_reader 6.0 * * * * * * *
- a adobe acrobat_reader 6.0.1 * * * * * * *
Weaknesses (CWE)
- NVD-CWE-Other
References & External Links
- http://www.adobe.com/support/techdocs/330527.html
- http://www.adobe.com/support/techdocs/34222.htm
- http://www.idefense.com/application/poi/display?id=116&type=vulnerabilities
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16667
- http://www.adobe.com/support/techdocs/330527.html
- http://www.adobe.com/support/techdocs/34222.htm
- http://www.idefense.com/application/poi/display?id=116&type=vulnerabilities
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16667