Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.52425
Category:FreeBSD Local Security Checks
Title:FreeBSD Ports: acroread, acroread4, acroread5
Summary:NOSUMMARY
Description:Description:
The remote host is missing an update to the system
as announced in the referenced advisory.

The following packages are affected:
acroread
acroread4
acroread5

CVE-2004-0630
The uudecoding feature in Adobe Acrobat Reader 5.0.5 and 5.0.6 for
Unix and Linux, and possibly other versions including those before
5.0.9, allows remote attackers to execute arbitrary code via shell
metacharacters ('`' or backtick) in the filename of the PDF file that
is provided to the uudecode command.

Solution:
Update your system with the appropriate patches or
software upgrades.

http://www.idefense.com/application/poi/display?id=124&type=vulnerabilities
http://www.vuxml.org/freebsd/78348ea2-ec91-11d8-b913-000c41e2cdad.html

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Cross-Ref: BugTraq ID: 10931
Common Vulnerability Exposure (CVE) ID: CVE-2004-0630
http://www.securityfocus.com/bid/10931
http://security.gentoo.org/glsa/glsa-200408-14.xml
http://www.idefense.com/application/poi/display?id=124&type=vulnerabilities
http://www.redhat.com/support/errata/RHSA-2004-432.html
XForce ISS Database: acrobat-reader-execute-code(16973)
https://exchange.xforce.ibmcloud.com/vulnerabilities/16973
CopyrightCopyright (c) 2005 E-Soft Inc. http://www.securityspace.com

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2024 E-Soft Inc. All rights reserved.