Signature Detail
Short Name |
HTTP:STC:ADOBE:PDF-EXT-OF |
|---|---|
Severity |
High |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Adobe Acrobat Reader File Extension Buffer Overflow |
Release Date |
2004/11/08 |
Update Number |
1213 |
Supported Platforms |
di-5.3+, idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
HTTP: Adobe Acrobat Reader File Extension Buffer Overflow
This signature detects attempts to exploit a known vulnerability against Adobe Acrobat Reader. A malicious HTTP server can host an Adobe Acrobat file with an overly long extension; when a client opens this file in Adobe Acrobat Reader, the file triggers a buffer overflow, enabling the server to execute arbitrary code on the client.
Extended Description
Adobe Acrobat and Reader are prone to a stack-based buffer overflow vulnerability. This issue exists in routines that parse document filenames. A malformed file name may trigger this condition when the file is opened. If a user could be enticed to open an appropriately named document, this could potentially allow for remote code execution. This issue appears to affect Adobe Acrobat and Reader 6.x releases on Microsoft Windows platforms.
Affected Products
- Adobe Acrobat 6.0.0
- Adobe Acrobat 6.0.1
- Adobe Reader 6.0.0
- Adobe Reader 6.0.1
References
- BugTraq: 10696
- CVE: CVE-2004-0632