CVE-2004-0631 - Buffer overflow in the uudecoding feature for Adobe Acrobat Reader 5.0.5 and 5.0.6 for Unix and Linu

CVE-2004-0631

Summary

Buffer overflow in the uudecoding feature for Adobe Acrobat Reader 5.0.5 and 5.0.6 for Unix and Linux, and possibly other versions including those before 5.0.9, allows remote attackers to execute arbitrary code via a long filename for the PDF file that is provided to the uudecode command.

References

Vulnerable Configurations

cpe:2.3:a:adobe:acrobat_reader:5.0:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat_reader:5.0:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat_reader:5.0.5:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat_reader:5.0.5:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat_reader:5.0.6:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat_reader:5.0.6:*:*:*:*:*:*:*

CVSS

Base:	10.0 (as of 11-07-2017 - 01:30)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
COMPLETE	COMPLETE	COMPLETE

cvss-vector via4

AV:N/AC:L/Au:N/C:C/I:C/A:C

redhat via4

advisories

rhsa

id	RHSA-2004:432

refmap via4

bid	10932
confirm	http://www.adobe.com/support/techdocs/322914.html
gentoo	GLSA-200408-14
idefense	20040812 Adobe Acrobat Reader (Unix) 5.0 Uudecode Filename Buffer Overflow Vulnerability
xf	adobe-acrobat-uudecode-bo(16972)

Last major update

11-07-2017 - 01:30

Published

18-08-2004 - 04:00

Last modified

11-07-2017 - 01:30