Adobe Reader and Acrobat AcroPDF.dll ActiveX Control Remote Code Execution Vulnerabilities
BID:21338
Info
Adobe Reader and Acrobat AcroPDF.dll ActiveX Control Remote Code Execution Vulnerabilities
| Bugtraq ID: | 21338 |
| Class: | Design Error |
| CVE: |
CVE-2006-6236 |
| Remote: | Yes |
| Local: | No |
| Published: | Nov 28 2006 12:00AM |
| Updated: | Dec 08 2006 10:34PM |
| Credit: | FrSIRT discovered this issue. |
| Vulnerable: |
Adobe Reader 7.0.8 Adobe Reader 7.0.7 Adobe Reader 7.0.6 Adobe Reader 7.0.5 Adobe Reader 7.0.4 Adobe Reader 7.0.3 Adobe Reader 7.0.2 Adobe Reader 7.0.1 Adobe Reader 7.0 Adobe Acrobat Standard 7.0.8 Adobe Acrobat Standard 7.0.7 Adobe Acrobat Standard 7.0.6 Adobe Acrobat Standard 7.0.5 Adobe Acrobat Standard 7.0.4 Adobe Acrobat Standard 7.0.3 Adobe Acrobat Standard 7.0.2 Adobe Acrobat Standard 7.0.1 Adobe Acrobat Standard 7.0 Adobe Acrobat Professional 7.0.8 Adobe Acrobat Professional 7.0.7 Adobe Acrobat Professional 7.0.6 Adobe Acrobat Professional 7.0.5 Adobe Acrobat Professional 7.0.4 Adobe Acrobat Professional 7.0.3 Adobe Acrobat Professional 7.0.2 Adobe Acrobat Professional 7.0.1 Adobe Acrobat Professional 7.0 |
| Not Vulnerable: |
Adobe Reader 8.0 Adobe Acrobat Standard 8.0 Adobe Acrobat Professional 8.0 |
Discussion
Adobe Reader and Acrobat AcroPDF.dll ActiveX Control Remote Code Execution Vulnerabilities
Adobe Reader and Acrobat with AcroPDF.dll ActiveX control are prone to multiple remote code-execution vulnerabilities.
Exploiting these issues allows remote attackers to execute arbitrary code in the context of applications using the affected ActiveX control and to compromise affected computers.
These versions are affected:
Adobe Reader 7.0.0 to 7.0.8
Adobe Acrobat Standard 7.0.0 to 7.0.8
Adobe Acrobat Professional 7.0.0 to 7.0.8.
Adobe Reader and Acrobat with AcroPDF.dll ActiveX control are prone to multiple remote code-execution vulnerabilities.
Exploiting these issues allows remote attackers to execute arbitrary code in the context of applications using the affected ActiveX control and to compromise affected computers.
These versions are affected:
Adobe Reader 7.0.0 to 7.0.8
Adobe Acrobat Standard 7.0.0 to 7.0.8
Adobe Acrobat Professional 7.0.0 to 7.0.8.
Exploit / POC
Adobe Reader and Acrobat AcroPDF.dll ActiveX Control Remote Code Execution Vulnerabilities
Currently we are not aware of any exploits for these issues. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected]:[email protected].
Currently we are not aware of any exploits for these issues. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected]:[email protected].
Solution / Fix
Adobe Reader and Acrobat AcroPDF.dll ActiveX Control Remote Code Execution Vulnerabilities
Solution:
The vendor has released an advisory along with fixes to address this issue. Please see the referenced advisory for information on obtaining and applying fixes.
Solution:
The vendor has released an advisory along with fixes to address this issue. Please see the referenced advisory for information on obtaining and applying fixes.
References
Adobe Reader and Acrobat AcroPDF.dll ActiveX Control Remote Code Execution Vulnerabilities
References:
References: