Adobe Acrobat Reader Unspecified Heap Corruption Vulnerability

Bugtraq ID:	21981
Class:	Design Error
CVE:	CVE-2006-5857
Remote:	Yes
Local:	No
Published:	Jan 09 2007 12:00AM
Updated:	Mar 19 2015 08:13AM
Credit:	Piotr Bania <[email protected]> is credited with the discovery of this vulnerability.
Vulnerable:	Turbolinux Turbolinux FUJI SuSE SUSE Linux Enterprise Desktop 10 Sun Solaris 10_sparc S.u.S.E. openSUSE 10.2 S.u.S.E. Novell Linux Desktop 9.0 S.u.S.E. Linux 9.3 x86 S.u.S.E. Linux 10.1 x86 S.u.S.E. Linux 10.0 x86 Gentoo app-text/acroread 7.0.8 Avaya Interactive Response 2.0 Adobe Reader 7.0.8 Adobe Reader 7.0.7 Adobe Reader 7.0.6 Adobe Reader 7.0.5 Adobe Reader 7.0.4 Adobe Reader 7.0.3 Adobe Reader 7.0.2 Adobe Reader 7.0.1 Adobe Reader 7.0 Adobe Reader 6.0.4 Adobe Reader 6.0.3 Adobe Reader 6.0.2 Adobe Reader 6.0.1 Adobe Reader 6.0 Adobe Reader 5.1 Adobe Reader 5.0.10 Adobe Reader 5.0.5 Adobe Reader 5.0 Adobe Reader 4.0.5 A Adobe Reader 4.0 5c - Microsoft Windows 95 - Microsoft Windows 98 - Microsoft Windows NT 4.0 Adobe Reader 4.0 5 - Microsoft Windows 2000 Professional - Microsoft Windows 95 - Microsoft Windows NT 4.0 Adobe Reader 4.0 - Microsoft Windows 95 - Microsoft Windows 98 - Microsoft Windows NT 4.0 Adobe Reader 3.0 - Microsoft Windows 95 - Microsoft Windows 98 - Microsoft Windows NT 4.0 Adobe Acrobat Standard 7.0.8 Adobe Acrobat Standard 7.0.7 Adobe Acrobat Standard 7.0.6 Adobe Acrobat Standard 7.0.5 Adobe Acrobat Standard 7.0.4 Adobe Acrobat Standard 7.0.3 Adobe Acrobat Standard 7.0.2 Adobe Acrobat Standard 7.0.1 Adobe Acrobat Standard 7.0 Adobe Acrobat Reader (UNIX) 7.0.1 Adobe Acrobat Reader (UNIX) 7.0 Adobe Acrobat Reader (UNIX) 5.0.11 Adobe Acrobat Reader (UNIX) 5.0.10 + Gentoo Linux Adobe Acrobat Reader (UNIX) 5.0.9 + Gentoo Linux + S.u.S.E. Linux 8.1 + S.u.S.E. Linux 8.0 i386 + S.u.S.E. Linux 8.0 + S.u.S.E. Linux Connectivity Server + S.u.S.E. Linux Database Server 0 + S.u.S.E. Linux Desktop 1.0 + S.u.S.E. Linux Enterprise Server 9 + S.u.S.E. Linux Personal 9.2 + S.u.S.E. Linux Personal 9.1 + S.u.S.E. Linux Personal 9.0 x86_64 + S.u.S.E. Linux Personal 9.0 + S.u.S.E. Linux Personal 8.2 + SuSE SUSE Linux Enterprise Server 8 + SuSE SUSE Linux Enterprise Server 7 Adobe Acrobat Reader (UNIX) 5.0.8 + Gentoo Linux + S.u.S.E. Linux 8.1 + S.u.S.E. Linux 8.0 i386 + S.u.S.E. Linux 8.0 + S.u.S.E. Linux Connectivity Server + S.u.S.E. Linux Database Server 0 + S.u.S.E. Linux Desktop 1.0 + S.u.S.E. Linux Enterprise Server 9 + S.u.S.E. Linux Personal 9.2 + S.u.S.E. Linux Personal 9.1 + S.u.S.E. Linux Personal 9.0 x86_64 + S.u.S.E. Linux Personal 9.0 + S.u.S.E. Linux Personal 8.2 + SuSE SUSE Linux Enterprise Server 8 + SuSE SUSE Linux Enterprise Server 7 Adobe Acrobat Reader (UNIX) 5.0 7 Adobe Acrobat Reader (UNIX) 5.0 6 Adobe Acrobat Reader (UNIX) 5.0 5 - Caldera OpenLinux Server 3.1 - Caldera OpenLinux Workstation 3.1 - Debian Linux 2.2 - Mandriva Linux Mandrake 8.1 - Mandriva Linux Mandrake 8.0 - Mandriva Linux Mandrake 7.2 - Mandriva Linux Mandrake 7.1 - RedHat Linux 7.3 - RedHat Linux 7.1 - RedHat Linux 7.0 - S.u.S.E. Linux 8.0 - S.u.S.E. Linux 7.1 - Slackware Linux 8.0 - Slackware Linux 7.1 - Slackware Linux 7.0 - Sun Solaris 8_sparc - Sun Solaris 7.0 - Sun Solaris 2.6 Adobe Acrobat Reader (UNIX) 5.0 Adobe Acrobat Professional 7.0.8 Adobe Acrobat Professional 7.0.7 Adobe Acrobat Professional 7.0.6 Adobe Acrobat Professional 7.0.5 Adobe Acrobat Professional 7.0.4 Adobe Acrobat Professional 7.0.3 Adobe Acrobat Professional 7.0.2 Adobe Acrobat Professional 7.0.1 Adobe Acrobat Professional 7.0 Adobe Acrobat 3D 0 Adobe Acrobat 7.0.3 Adobe Acrobat 7.0.2 Adobe Acrobat 7.0.1 Adobe Acrobat 7.0 Adobe Acrobat 6.0.5 Adobe Acrobat 6.0.4 Adobe Acrobat 6.0.3 Adobe Acrobat 6.0.2 Adobe Acrobat 6.0.1 Adobe Acrobat 6.0 Adobe Acrobat 5.0.10 Adobe Acrobat 5.0.5 Adobe Acrobat 5.0 Adobe Acrobat 4.0.5 A Adobe Acrobat 4.0 5c - Microsoft Windows 95 - Microsoft Windows 98 - Microsoft Windows NT 4.0 Adobe Acrobat 4.0 5 - Microsoft Windows 95 - Microsoft Windows 98 - Microsoft Windows NT 4.0 Adobe Acrobat 4.0 - Microsoft Windows 95 - Microsoft Windows 98 - Microsoft Windows NT 4.0 Adobe Acrobat 3.1 Adobe Acrobat 3.0 - Microsoft Windows 95 - Microsoft Windows 98 - Microsoft Windows NT 4.0
Not Vulnerable:	Gentoo app-text/acroread 7.0.9 Adobe Reader 7.0.9 Adobe Reader 8.0 Adobe Acrobat Standard 8.0 Adobe Acrobat Professional 8.0

Adobe Acrobat Reader Unspecified Heap Corruption Vulnerability

Adobe Acrobat Reader is prone to a heap-based buffer-overflow vulnerability because the application fails to properly bounds-check malicious PDF files, resulting in a heap-based buffer overflow.

Successfully exploiting this issue may allow a remote attacker to execute arbitrary code in the context of the victim user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions.

An attacker could exploit this issue by enticing a victim to open a malicious PDF file.

Adobe Acrobat Reader Unspecified Heap Corruption Vulnerability

Core Security Technologies has developed a working commercial exploit for its CORE IMPACT product. This exploit is not otherwise publicly available or known to be circulating in the wild.

Adobe Acrobat Reader Unspecified Heap Corruption Vulnerability

Solution:
The vendor has released an advisory along with fixes to address this issue. Please see the referenced advisory for information on obtaining and applying fixes.


Adobe Reader 7.0

• Turbolinux AdobeReader_enu-7.0.9-1TL1.i686.rpm
  
  ftp://ftp.turbolinux.co.jp/pub/TurboLinux/

Adobe Acrobat Reader Unspecified Heap Corruption Vulnerability

References:

• Adobe Homepage (Adobe)
  
• Adobe Reader Download Page (Adobe)
  
• Adobe Security Advisory APSB07-01 (Adobe)
  
• Sun Alert ID: 102847 (Sun)
  
• Adobe Reader Remote Heap Memory Corruption - Subroutine Pointer Overwrite (Piotr Bania)
  
• Adobe Reader Remote Heap Memory Corruption-Subroutine Pointer Overwrite (Piotr Bania)
  
• ASA-2007-134 - Multiple Security Vulnerabilities in Adobe Reader May Lead to Exe (Avaya)