CVE-2005-2470
CVSS7.5
发布时间 :2005-08-16 00:00:00
修订时间 :2011-03-07 21:24:32
NMCOPS    

[原文]Buffer overflow in a "core application plug-in" for Adobe Reader 5.1 through 7.0.2 and Acrobat 5.0 through 7.0.2 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors.


[CNNVD]Adobe Acrobat and Adobe Reader 缓冲区溢出漏洞 (CNNVD-200508-151)

        Adobe Reader 5.1至7.0.2 以及Acrobat 5.0至7.0.2中的"核心应用程序插件"存在缓冲区溢出。这使得远程攻击者可以借助于未明向量造成拒绝服务(崩溃)并且可能执行任意代码。

- CVSS (基础分值)

CVSS分值: 7.5 [严重(HIGH)]
机密性影响: PARTIAL [很可能造成信息泄露]
完整性影响: PARTIAL [可能会导致系统文件被修改]
可用性影响: PARTIAL [可能会导致性能下降或中断资源访问]
攻击复杂度: LOW [漏洞利用没有访问限制 ]
攻击向量: [--]
身份认证: NONE [漏洞利用无需身份认证]

- CPE (受影响的平台与产品)

cpe:/a:adobe:acrobat:6.0.2Adobe Acrobat 6.0.2
cpe:/a:adobe:acrobat_reader:6.0.3Adobe Acrobat Reader 6.0.3
cpe:/a:adobe:acrobat_reader:7.0.1Adobe Acrobat Reader 7.0.1
cpe:/a:adobe:acrobat:7.0.1Adobe Acrobat 7.0.1
cpe:/a:adobe:acrobat:7.0Adobe Acrobat 7.0
cpe:/a:adobe:acrobat_reader:6.0Adobe Acrobat Reader 6.0
cpe:/a:adobe:acrobat_reader:5.1Adobe Acrobat Reader 5.1
cpe:/a:adobe:acrobat:5.0Adobe Acrobat 5.0
cpe:/a:adobe:acrobat_reader:7.0Adobe Acrobat Reader 7.0
cpe:/a:adobe:acrobat:7.0.2Adobe Acrobat 7.0.2
cpe:/a:adobe:acrobat_reader:7.0.2Adobe Acrobat Reader 7.0.2
cpe:/a:adobe:acrobat_reader:6.0.2Adobe Acrobat Reader 6.0.2
cpe:/a:adobe:acrobat:5.0.5Adobe Acrobat 5.0.5
cpe:/a:adobe:acrobat:6.0Adobe Acrobat 6.0
cpe:/a:adobe:acrobat_reader:6.0.1Adobe Acrobat Reader 6.0.1
cpe:/a:adobe:acrobat:6.0.1Adobe Acrobat 6.0.1

- OVAL (用于检测的技术细节)

未找到相关OVAL定义

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2470
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-2470
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200508-151
(官方数据源) CNNVD

- 其它链接及资源

http://www.kb.cert.org/vuls/id/896220
(UNKNOWN)  CERT-VN  VU#896220
http://www.adobe.com/support/techdocs/321644.html
(VENDOR_ADVISORY)  CONFIRM  http://www.adobe.com/support/techdocs/321644.html
http://www.vupen.com/english/advisories/2005/1434
(UNKNOWN)  VUPEN  ADV-2005-1434
http://xforce.iss.net/xforce/xfdb/21860
(UNKNOWN)  XF  adobe-acrobat-reader-plugin-bo(21860)
http://www.securityfocus.com/bid/14603
(UNKNOWN)  BID  14603
http://www.redhat.com/support/errata/RHSA-2005-750.html
(UNKNOWN)  REDHAT  RHSA-2005:750
http://www.novell.com/linux/security/advisories/2005_19_sr.html
(UNKNOWN)  SUSE  SUSE-SR:2005:019
http://www.gentoo.org/security/en/glsa/glsa-200508-11.xml
(UNKNOWN)  GENTOO  GLSA-200508-11
http://securitytracker.com/id?1014712
(UNKNOWN)  SECTRACK  1014712
http://secunia.com/advisories/16466
(UNKNOWN)  SECUNIA  16466

- 漏洞信息

Adobe Acrobat and Adobe Reader 缓冲区溢出漏洞
高危 缓冲区溢出
2005-08-16 00:00:00 2005-10-20 00:00:00
远程  
        Adobe Reader 5.1至7.0.2 以及Acrobat 5.0至7.0.2中的"核心应用程序插件"存在缓冲区溢出。这使得远程攻击者可以借助于未明向量造成拒绝服务(崩溃)并且可能执行任意代码。

- 公告与补丁

        目前厂商已经发布了升级补丁以修复这个安全问题,补丁下载链接:
        Adobe Acrobat 5.0
        Adobe Adobe Acrobat 5.0.10
        http://www.adobe.com/support/downloads/
        Adobe Acrobat 5.0.5
        Adobe Adobe Acrobat 5.0.10
        http://www.adobe.com/support/downloads/
        Adobe Acrobat Reader (UNIX) 5.0.8
        S.u.S.E. acroread-7.0.1-2.1.i586.rpm
        S.u.S.E. Linux 9.2:
        ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/acroread-7.0.1-2. 1.i586.rpm
        S.u.S.E. acroread-7.0.1-2.1.i586.rpm
        S.u.S.E. Linux 9.3:
        ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/acroread-7.0.1-2. 1.i586.rpm
        S.u.S.E. acroread-7.0.1-2.2.i586.rpm
        S.u.S.E. Linux 9.1:
        ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/acroread-7.0.1-2. 2.i586.rpm
        S.u.S.E. acroread-7.0.1-3.i586.rpm
        S.u.S.E. Linux 9.0:
        ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/acroread-7.0.1-3. i586.rpm
        Adobe Acrobat 6.0
        Adobe Adobe Acrobat 6.0.4
        http://www.adobe.com/support/downloads/
        Adobe Acrobat Reader 6.0
        Adobe Adobe Reader 6.0.4
        http://www.adobe.com/support/downloads/
        Adobe Acrobat 6.0.1
        Adobe Adobe Acrobat 6.0.4
        http://www.adobe.com/support/downloads/
        Adobe Acrobat Reader 6.0.1
        Adobe Adobe Reader 6.0.4
        http://www.adobe.com/support/downloads/
        Adobe Acrobat Reader 6.0.2
        Adobe Adobe Reader 6.0.4
        http://www.adobe.com/support/downloads/
        Adobe Acrobat 6.0.2
        Adobe Adobe Acrobat 6.0.4
        http://www.adobe.com/support/downloads/
        Adobe Acrobat 6.0.3
        Adobe Adobe Acrobat 6.0.4
        http://www.adobe.com/support/downloads/
        Adobe Acrobat Reader 6.0.3
        Adobe Adobe Reader 6.0.4
        http://www.adobe.com/support/downloads/
        Adobe Acrobat Reader (UNIX) 7.0
        Adobe Acrobat Reader for Unix 7.0.1
        http://www.adobe.com/support/downloads
        Adobe Acrobat Reader 7.0
        Adobe Adobe Reader 7.0.3
        http://www.adobe.com/support/downloads/
        Adobe Acrobat 7.0
        Adobe Adobe Acrobat 7.0.3
        http://www.adobe.com/support/downloads/
        Adobe Acrobat 7.0.1
        Adobe Adobe Acrobat 7.0.3
        http://www.adobe.com/support/downloads/
        Adobe Acrobat Reader 7.0.1
        Adobe Adobe Reader 7.0.3
        http://www.adobe.com/support/downloads/
        Adobe Acrobat Reader 7.0.2
        Adobe Adobe Reader 7.0.3
        http://www.adobe.com/support/downloads/
        Adobe Acrobat 7.0.2
        Adobe Adobe Acrobat 7.0.3
        http://www.adobe.com/support/downloads/
        S.u.S.E. Linux Professional 9.3
        S.u.S.E. acroread-7.0.1-2.1.i586.rpm
        S.u.S.E. Linux 9.3:
        ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/acroread-7.0.1-2. 1.i586.rpm
        

- 漏洞信息 (F39525)

Gentoo Linux Security Advisory 200508-11 (PacketStormID:F39525)
2005-08-24 00:00:00
Gentoo  security.gentoo.org
advisory,overflow
linux,gentoo
CVE-2005-2470
[点击下载]

Gentoo Linux Security Advisory GLSA 200508-11 - A buffer overflow has been reported within a core application plug-in, which is part of Adobe Reader. Versions less than 7.0.1.1 are affected.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory                           GLSA 200508-11
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                            http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

  Severity: Normal
     Title: Adobe Reader: Buffer Overflow
      Date: August 19, 2005
      Bugs: #102730
        ID: 200508-11

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Adobe Reader is vulnerable to a buffer overflow which could potentially
lead to execution of arbitrary code.

Background
==========

Adobe Reader is a utility used to view PDF files.

Affected packages
=================

    -------------------------------------------------------------------
     Package            /  Vulnerable  /                    Unaffected
    -------------------------------------------------------------------
  1  app-text/acroread      < 7.0.1.1                       >= 7.0.1.1

Description
===========

A buffer overflow has been reported within a core application plug-in,
which is part of Adobe Reader.

Impact
======

An attacker may create a specially-crafted PDF file, enticing a user to
open it. This could trigger a buffer overflow as the file is being
loaded, resulting in the execution of arbitrary code.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All Adobe Reader users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=app-text/acroread-7.0.1.1"

References
==========

  [ 1 ] CAN-2005-2470
        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2470
  [ 2 ] Adobe Document 321644
        http://www.adobe.com/support/techdocs/321644.html

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

  http://security.gentoo.org/glsa/glsa-200508-11.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
http://bugs.gentoo.org.

License
=======

Copyright 2005 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.0

    

- 漏洞信息

18845
Adobe Acrobat / Reader Unspecified Core Application Plug-in Overflow
Remote / Network Access Input Manipulation
Loss of Integrity
Exploit Unknown

- 漏洞描述

A remote overflow exists in Adobe Acrobat and Adobe Acrobat Reader. An unspecified core application plug-in fails to perform proper bounds checking resulting in a buffer overflow. With a specially crafted PDF document, a remote attacker can cause arbitrary code execution resulting in a loss of integrity.

- 时间线

2005-08-16 Unknow
Unknow Unknow

- 解决方案

Upgrade to versions listed below or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds. Adobe Acrobat Reader for Windows or MacOS version 7.0.3 Adobe Acrobat Reader for Windows or MacOS version 6.0.4 Adobe Acrobat Reader for Linux or Sun Solaris version 7.0.1 Adobe Acrobat for Windows or MacOS version 7.0.3 Adobe Acrobat for Windows or MacOS version 6.0.4 Adobe Acrobat for Windows or MacOS version 5.0.10

- 相关参考

- 漏洞作者

Unknown or Incomplete

- 漏洞信息

Adobe Acrobat and Adobe Reader Remote Buffer Overflow Vulnerability
Boundary Condition Error 14603
Yes No
2005-08-16 12:00:00 2009-07-12 05:06:00
The vendor announced this vulnerability.

- 受影响的程序版本

S.u.S.E. Open-Enterprise-Server 9.0
S.u.S.E. Novell Linux Desktop 9.0
S.u.S.E. Linux Professional 9.3 x86_64
S.u.S.E. Linux Professional 9.3
S.u.S.E. Linux Professional 9.2 x86_64
S.u.S.E. Linux Professional 9.2
S.u.S.E. Linux Professional 9.1 x86_64
S.u.S.E. Linux Professional 9.1
S.u.S.E. Linux Professional 9.0 x86_64
S.u.S.E. Linux Professional 9.0
S.u.S.E. Linux Personal 9.3 x86_64
S.u.S.E. Linux Personal 9.3
S.u.S.E. Linux Personal 9.2 x86_64
S.u.S.E. Linux Personal 9.2
S.u.S.E. Linux Personal 9.1 x86_64
S.u.S.E. Linux Personal 9.1
S.u.S.E. Linux Personal 9.0 x86_64
S.u.S.E. Linux Personal 9.0
S.u.S.E. Linux Enterprise Server 9
Gentoo Linux
Adobe Reader 7.0.2
Adobe Reader 7.0.1
Adobe Reader 7.0
Adobe Reader 6.0.3
Adobe Reader 6.0.2
Adobe Reader 6.0.1
Adobe Reader 6.0
Adobe Reader 5.1
Adobe Acrobat Reader (UNIX) 7.0
Adobe Acrobat Reader (UNIX) 5.0.8
+ Gentoo Linux
+ S.u.S.E. Linux 8.1
+ S.u.S.E. Linux 8.0 i386
+ S.u.S.E. Linux 8.0
+ S.u.S.E. Linux Connectivity Server
+ S.u.S.E. Linux Database Server 0
+ S.u.S.E. Linux Desktop 1.0
+ S.u.S.E. Linux Enterprise Server 9
+ S.u.S.E. Linux Personal 9.2
+ S.u.S.E. Linux Personal 9.1
+ S.u.S.E. Linux Personal 9.0 x86_64
+ S.u.S.E. Linux Personal 9.0
+ S.u.S.E. Linux Personal 8.2
+ SuSE SUSE Linux Enterprise Server 8
+ SuSE SUSE Linux Enterprise Server 7
Adobe Acrobat 7.0.2
Adobe Acrobat 7.0.1
Adobe Acrobat 7.0
Adobe Acrobat 6.0.3
Adobe Acrobat 6.0.2
Adobe Acrobat 6.0.1
Adobe Acrobat 6.0
Adobe Acrobat 5.0.5
Adobe Acrobat 5.0
Adobe Reader 7.0.3
Adobe Reader 6.0.4
Adobe Reader 5.0.10
Adobe Acrobat Reader (UNIX) 7.0.1
Adobe Acrobat 7.0.3
Adobe Acrobat 6.0.4
Adobe Acrobat 5.0.10

- 不受影响的程序版本

Adobe Reader 7.0.3
Adobe Reader 6.0.4
Adobe Reader 5.0.10
Adobe Acrobat Reader (UNIX) 7.0.1
Adobe Acrobat 7.0.3
Adobe Acrobat 6.0.4
Adobe Acrobat 5.0.10

- 漏洞讨论

Adobe Acrobat and Adobe Reader are affected by a remote buffer overflow vulnerability. This issue presents itself because the application fails to perform boundary checks prior to copying user-supplied data into sensitive process buffers.

An attacker can exploit this issue by crafting a malicious PDF file and sending it to a vulnerable user. If the victim user opens this PDF file, the attacker may be able to execute arbitrary code on the affected computer and gain unauthorized access in the context of the user.

- 漏洞利用

Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com &lt;mailto:vuldb@securityfocus.com&gt;.

- 解决方案

Gentoo Linux has released security advisory GLSA 200508-11 addressing this issue. Gentoo recommends all Adobe Reader users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=app-text/acroread-7.0.1.1"

SUSE has released advisory SUSE-SA:2005:047, along with fixes to address this issue. Please see the referenced advisory for further information.

Adobe has released updates to address this issue:


Adobe Acrobat 5.0

Adobe Acrobat 5.0.5

Adobe Acrobat Reader (UNIX) 5.0.8

Adobe Acrobat 6.0

Adobe Reader 6.0

Adobe Acrobat 6.0.1

Adobe Reader 6.0.1

Adobe Reader 6.0.2

Adobe Acrobat 6.0.2

Adobe Acrobat 6.0.3

Adobe Reader 6.0.3

Adobe Acrobat Reader (UNIX) 7.0

Adobe Reader 7.0

Adobe Acrobat 7.0

Adobe Acrobat 7.0.1

Adobe Reader 7.0.1

Adobe Reader 7.0.2

Adobe Acrobat 7.0.2

S.u.S.E. Linux Professional 9.3

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站