CVE-2004-0630

Sažetak

The uudecoding feature in Adobe Acrobat Reader 5.0.5 and 5.0.6 for Unix and Linux, and possibly other versions including those before 5.0.9, allows remote attackers to execute arbitrary code via shell metacharacters ("`" or backtick) in the filename of the PDF file that is provided to the uudecode command.

Reference

http://security.gentoo.org/glsa/glsa-200408-14.xml
http://www.adobe.com/support/techdocs/322914.html
http://www.idefense.com/application/poi/display?id=124&type=vulnerabilities
http://www.redhat.com/support/errata/RHSA-2004-432.html
http://www.securityfocus.com/bid/10931
https://exchange.xforce.ibmcloud.com/vulnerabilities/16973

CVSS

Base:	10.0
Impact:	10.0
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:N/AC:L/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

11-07-2017 - 01:30

Objavljeno

18-08-2004 - 04:00