OSVDB ID: 31596

Title: Adobe Acrobat Reader Plugin PDF URL Memory Corruption DoS

Info

Disclosure
Jan 03, 2007

Discovery
Unknown

Dates

Exploit
Unknown

Solution
Unknown

Description

 Acrobat contains a flaw that may allow a remote denial of service. The issue is triggered when the plugin is used with Internet Explorer and processes a malformed URL, and will result in loss of availability for the browser.

Classification

 Location: Remote / Network Access
Attack Type: Denial of Service, Input Manipulation
Impact: Loss of Integrity, Loss of Availability
Solution: Upgrade
Exploit: Exploit Public
Disclosure: Vendor Verified, Vendor Verified, Coordinated Disclosure

Solution

 Upgrade to version 7.0.9 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Products

Adobe Systems Incorporated

Acrobat

 7.0.7
7.0.1
7.0.2
7.0.8
7.0.3
7.0.6
7.0.4
7.0.5
7.0
7.0.7
7.0.1
7.0.2
7.0.8
7.0.3
7.0.6
7.0.4
7.0.5
7.0

Acrobat Reader

 7.0.1
7.0.2
7.0
7.0.3
7.0.4
7.0.5
7.0.6
7.0.7
7.0.8
7.0.1
7.0.2
7.0
7.0.3
7.0.4
7.0.5
7.0.6
7.0.7
7.0.8

References

Credit
  • Stefano Di Paola - stefano.dipaolawisec.it - Minded Security
  • Stefano Di Paola - stefano.dipaolawisec.it - Minded Security


Direct URL: http://osvdb.org/31596