Vulnerability Note VU#896220
Adobe Acrobat contains a remotely exploitable buffer overflow
A buffer overflow in Adobe Acrobat/Acrobat Reader may allow a remote attacker to execute arbitrary code or cause a denial-of-service condition
Adobe Acrobat is a suite of applications that allow users to manipulate PDF (Portable Document Format) files. A buffer within a core plug-in for Adobe Acrobat and Acrobat Reader can be overwritten using a specially-crafted PDF document.
For more information refer to Adobe Security Advisory 321644.
If a remote attacker can persuade a user to access a specially crafted PDF file, that attacker may be able to execute arbitrary code or crash the Adobe Acrobat/Acrobat Reader process.
Upgrade to unaffected version
Do not accept PDF files from untrusted sources
Systems Affected (Learn More)
|Vendor||Status||Date Notified||Date Updated|
|Adobe||Affected||12 Aug 2005||16 Aug 2005|
|Red Hat Software, Inc.||Affected||-||08 Sep 2005|
CVSS Metrics (Learn More)
This vulnerability was reported by Adobe Systems.
This document was written by Jeff Gennari.
- CVE IDs: CAN-2005-2470
- Date Public: 16 Aug 2005
- Date First Published: 16 Aug 2005
- Date Last Updated: 08 Sep 2005
- Severity Metric: 12.91
- Document Revision: 38
If you have feedback, comments, or additional information about this vulnerability, please send us email.