发布时间 :2003-08-07 00:00:00
修订时间 :2016-10-17 22:34:50

[原文]Buffer overflow in the WWWLaunchNetscape function of Adobe Acrobat Reader (acroread) 5.0.7 and earlier allows remote attackers to execute arbitrary code via a .pdf file with a long mailto link.

[CNNVD]Adobe Acrobat Reader (acroread) WWWLaunchNetscape函数缓冲区溢出漏洞(CNNVD-200308-029)

        Adobe Acrobat Reader (acroread) 5.0.7及其早期版本的WWWLaunchNetscape函数存在缓冲区溢出漏洞。远程攻击者借助具有超长mailto链接的.pdf文件执行任意代码。

- CVSS (基础分值)

CVSS分值: 7.5 [严重(HIGH)]
机密性影响: [--]
完整性影响: [--]
可用性影响: [--]
攻击复杂度: [--]
攻击向量: [--]
身份认证: [--]

- CPE (受影响的平台与产品)


- OVAL (用于检测的技术细节)


- 官方数据库链接
(官方数据源) MITRE
(官方数据源) NVD
(官方数据源) CNNVD

- 其它链接及资源
(UNKNOWN)  BUGTRAQ  20030701 [sec-labs] Adobe Acrobat Reader <=5.0.7 Buffer Overflow
(UNKNOWN)  BUGTRAQ  20030709 Acroread 5.0.7 buffer overflow

- 漏洞信息

Adobe Acrobat Reader (acroread) WWWLaunchNetscape函数缓冲区溢出漏洞
高危 缓冲区溢出
2003-08-07 00:00:00 2005-10-20 00:00:00
        Adobe Acrobat Reader (acroread) 5.0.7及其早期版本的WWWLaunchNetscape函数存在缓冲区溢出漏洞。远程攻击者借助具有超长mailto链接的.pdf文件执行任意代码。

- 公告与补丁


- 漏洞信息 (22846)

Adobe Unix Acrobat Reader 4.0/5.0 WWWLaunchNetscape Buffer Overflow Vulnerability (EDBID:22846)
linux dos
2003-07-01 Verified
0 Paul Szabo
N/A [点击下载]

An individual has reported that Adobe Acrobat Reader for Unix systems is vulnerable to a buffer overflow condition. The error is allegedly related to the processing of hyperlinks, in the function "WWWLaunchNetscape". The flaw is triggered only when Netscape is set as the browser to be used in the preferences (this is the default configuration). This vulnerability may be exploited through maliciously constructed PDF files. 

It should be noted that it is not confirmed that Acrobat Reader for Windows is not affected. Users of both versions should exhibit caution until there is a response from the vendor. 4.x versions of the reader are reportedly not prone to this issue.

#!/usr/bin/perl --
# Demo for acroread 5.0.7 on Debian Linux
print '
Writing TeX file ...
# For acroread 5.0.5 use 248 Bs instead of 504
open P, '>attack.tex';
print P '
close P;
print '
Running pdflatex ...
system 'pdflatex attack';

- 漏洞信息

Adobe Acrobat Reader WWWLaunchNetscape() function Buffer Overflow
Remote / Network Access Input Manipulation
Loss of Integrity Upgrade
Exploit Public

- 漏洞描述

A remote overflow exists in Adobe Acrobat Reader. The Adobe Acrobat Reader fails to validate the URL sent to the WWWLaunchNetscape() function resulting in a buffer overflow. With a specially crafted request, an attacker can cause the execution of arbitrary code resulting in a loss of integrity.

- 时间线

2003-07-01 2003-07-01
2003-06-29 Unknow

- 解决方案

Upgrade to version 5.0.8 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

- 相关参考

- 漏洞作者

Unknown or Incomplete