Adobe Reader '/Registry' And '/Ordering' Buffer Overflow Vulnerability (Win) Network Vulnerability

Summary

This host is installed with Adobe Reader and is prone to buffer overflow vulnerability.

Impact

Successful exploitation will allow attacker to execute arbitrary code. Impact Level: System/Application

Solution

Apply the patch from the below link ftp://ftp.adobe.com/pub/adobe/acrobat/win/4.x/ac405up2.exe NOTE : Ignore this warning, if above mentioned patch is already applied.

Insight

The flaw is due to the program fails to validate the '/Registry' and '/Ordering' strings

Affected

Adobe Reader version 4.0.5 and before on Windows.

Detection

Get the installed version with the help of detect NVT and check the version is vulnerable or not.

References

http://archives.neohapsis.com/archives/bugtraq/2000-07/0382.html
http://www.kb.cert.org/vuls/id/31554
http://www.osvdb.com/9291
http://xforce.iss.net/xforce/xfdb/5002

Updated on 2015-03-25

Severity

Classification

CVE CVE-2000-0713
CVSS Base Score: 7.6
AV:N/AC:H/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Adobe Photoshop PNG Image Processing Buffer Overflow Vulnerabilities (Mac OS X)
Adobe Reader/Acrobat Multiple Vulnerabilities - Nov08 (Win)
Adobe Reader 'Plug-in' Buffer Overflow Vulnerability (Linux)
Adobe Air Buffer Overflow Vulnerability (Mac OS X)
Apple QuickTime Multiple Buffer Overflow Vulnerabilities (Windows)

Adobe Reader '/Registry' and '/Ordering' Buffer Overflow Vulnerability (Win)

Take action and discover your vulnerabilities