Adobe PageMaker MAIPM6.dll Long Font Name Buffer Overflow Vulnerability
BID:25989
Info
| Bugtraq ID: | 25989 |
| Class: | Boundary Condition Error |
| CVE: | CVE-2007-5169 |
| Remote: | Yes |
| Local: | No |
| Published: | Oct 09 2007 12:00AM |
| Updated: | Nov 15 2007 12:37AM |
| Credit: | The vendor credits Tan Chew Keong with the discovery of this vulnerability. |
| Vulnerable: | Adobe Pagemaker 7.0.2, Adobe Pagemaker 7.0.1 |
| Not Vulnerable: | |
Discussion
Adobe PageMaker is prone to a buffer-overflow vulnerability because the application fails to bounds-check user-supplied data before copying it into an insufficiently sized buffer.
An attacker could exploit this issue to crash affected applications, deny service to legitimate users, or take over the system. A vendor-supplied fix is available.
This issue affects PageMaker 7.0.1 and 7.0.2; other versions may also be affected.
Exploit / POC
To exploit this issue, an attacker must entice an unsuspecting victim to open a specially crafted PageMaker file.
NOTE: The researcher responsible for discovering this issue has developed proof-of-concept exploit code, but it is not publicly available; please see the references for details.
UPDATE: Core Security Technologies has developed a working commercial exploit for its CORE IMPACT product. This exploit is not otherwise publicly available or known to be circulating in the wild.
Solution / Fix
Solution:
Adobe has released an advisory and updates to address this issue.
Adobe Pagemaker 7.0.1
- Adobe MAIPM6.zip: http://www.adobe.com/support/security/bulletins/downloads/MAIPM6.zip

Adobe Pagemaker 7.0.2
- Adobe MAIPM6.zip: http://www.adobe.com/support/security/bulletins/downloads/MAIPM6.zip
References
References:
- Adobe Pagemaker Homepage (Adobe)
- Adobe PageMaker Long Font-Name Buffer Overflow Vulnerability (Tan Chew Keong)
- Adobe Security Advisory APSB07-15 (Adobe)