1. CVE-Search
  2. CVE-2006-3452
ID CVE-2006-3452
Summary Adobe Reader and Acrobat 6.0.4 and earlier, on Mac OSX, has insecure file and directory permissions, which allows local users to gain privileges by overwriting program files. This vulnerability only exists in multi-user environments. This vulnerability is addressed in the following product releases: Adobe, Acrobat Reader, 6.0.5 for Mac OSX Adobe, Acrobat, 6.0.5 for Mac OSX
References
Vulnerable Configurations
  • cpe:2.3:a:adobe:acrobat:3.0:*:mac_os_x:*:*:*:*:*
    cpe:2.3:a:adobe:acrobat:3.0:*:mac_os_x:*:*:*:*:*
  • cpe:2.3:a:adobe:acrobat:3.1:*:mac_os_x:*:*:*:*:*
    cpe:2.3:a:adobe:acrobat:3.1:*:mac_os_x:*:*:*:*:*
  • cpe:2.3:a:adobe:acrobat:4.0:*:mac_os_x:*:*:*:*:*
    cpe:2.3:a:adobe:acrobat:4.0:*:mac_os_x:*:*:*:*:*
  • cpe:2.3:a:adobe:acrobat:4.0.5:*:mac_os_x:*:*:*:*:*
    cpe:2.3:a:adobe:acrobat:4.0.5:*:mac_os_x:*:*:*:*:*
  • cpe:2.3:a:adobe:acrobat:4.0.5a:*:mac_os_x:*:*:*:*:*
    cpe:2.3:a:adobe:acrobat:4.0.5a:*:mac_os_x:*:*:*:*:*
  • cpe:2.3:a:adobe:acrobat:4.0.5c:*:mac_os_x:*:*:*:*:*
    cpe:2.3:a:adobe:acrobat:4.0.5c:*:mac_os_x:*:*:*:*:*
  • cpe:2.3:a:adobe:acrobat:5.0:*:mac_os_x:*:*:*:*:*
    cpe:2.3:a:adobe:acrobat:5.0:*:mac_os_x:*:*:*:*:*
  • cpe:2.3:a:adobe:acrobat:5.0.5:*:mac_os_x:*:*:*:*:*
    cpe:2.3:a:adobe:acrobat:5.0.5:*:mac_os_x:*:*:*:*:*
  • cpe:2.3:a:adobe:acrobat:5.0.10:*:mac_os_x:*:*:*:*:*
    cpe:2.3:a:adobe:acrobat:5.0.10:*:mac_os_x:*:*:*:*:*
  • cpe:2.3:a:adobe:acrobat:6.0:*:mac_os_x:*:*:*:*:*
    cpe:2.3:a:adobe:acrobat:6.0:*:mac_os_x:*:*:*:*:*
  • cpe:2.3:a:adobe:acrobat:6.0.1:*:mac_os_x:*:*:*:*:*
    cpe:2.3:a:adobe:acrobat:6.0.1:*:mac_os_x:*:*:*:*:*
  • cpe:2.3:a:adobe:acrobat:6.0.2:*:mac_os_x:*:*:*:*:*
    cpe:2.3:a:adobe:acrobat:6.0.2:*:mac_os_x:*:*:*:*:*
  • cpe:2.3:a:adobe:acrobat:6.0.3:*:mac_os_x:*:*:*:*:*
    cpe:2.3:a:adobe:acrobat:6.0.3:*:mac_os_x:*:*:*:*:*
  • cpe:2.3:a:adobe:acrobat:*:*:mac_os_x:*:*:*:*:*
    cpe:2.3:a:adobe:acrobat:*:*:mac_os_x:*:*:*:*:*
  • cpe:2.3:a:adobe:acrobat_reader:3.0:*:mac_os_x:*:*:*:*:*
    cpe:2.3:a:adobe:acrobat_reader:3.0:*:mac_os_x:*:*:*:*:*
  • cpe:2.3:a:adobe:acrobat_reader:4.0:*:for_mac_os_x:*:*:*:*:*
    cpe:2.3:a:adobe:acrobat_reader:4.0:*:for_mac_os_x:*:*:*:*:*
  • cpe:2.3:a:adobe:acrobat_reader:4.0.5:*:mac_os_x:*:*:*:*:*
    cpe:2.3:a:adobe:acrobat_reader:4.0.5:*:mac_os_x:*:*:*:*:*
  • cpe:2.3:a:adobe:acrobat_reader:4.0.5a:*:mac_os_x:*:*:*:*:*
    cpe:2.3:a:adobe:acrobat_reader:4.0.5a:*:mac_os_x:*:*:*:*:*
  • cpe:2.3:a:adobe:acrobat_reader:4.0.5c:*:mac_os_x:*:*:*:*:*
    cpe:2.3:a:adobe:acrobat_reader:4.0.5c:*:mac_os_x:*:*:*:*:*
  • cpe:2.3:a:adobe:acrobat_reader:5.0:*:for_mac_os_x:*:*:*:*:*
    cpe:2.3:a:adobe:acrobat_reader:5.0:*:for_mac_os_x:*:*:*:*:*
  • cpe:2.3:a:adobe:acrobat_reader:5.0.5:*:for_mac_os_x:*:*:*:*:*
    cpe:2.3:a:adobe:acrobat_reader:5.0.5:*:for_mac_os_x:*:*:*:*:*
  • cpe:2.3:a:adobe:acrobat_reader:5.0.10:*:mac_os_x:*:*:*:*:*
    cpe:2.3:a:adobe:acrobat_reader:5.0.10:*:mac_os_x:*:*:*:*:*
  • cpe:2.3:a:adobe:acrobat_reader:5.1:*:for_mac_os_x:*:*:*:*:*
    cpe:2.3:a:adobe:acrobat_reader:5.1:*:for_mac_os_x:*:*:*:*:*
  • cpe:2.3:a:adobe:acrobat_reader:6.0:*:for_mac_os_x:*:*:*:*:*
    cpe:2.3:a:adobe:acrobat_reader:6.0:*:for_mac_os_x:*:*:*:*:*
  • cpe:2.3:a:adobe:acrobat_reader:6.0.1:*:for_mac_os_x:*:*:*:*:*
    cpe:2.3:a:adobe:acrobat_reader:6.0.1:*:for_mac_os_x:*:*:*:*:*
  • cpe:2.3:a:adobe:acrobat_reader:6.0.2:*:for_mac_os_x:*:*:*:*:*
    cpe:2.3:a:adobe:acrobat_reader:6.0.2:*:for_mac_os_x:*:*:*:*:*
  • cpe:2.3:a:adobe:acrobat_reader:6.0.3:*:for_mac_os_x:*:*:*:*:*
    cpe:2.3:a:adobe:acrobat_reader:6.0.3:*:for_mac_os_x:*:*:*:*:*
  • cpe:2.3:a:adobe:acrobat_reader:*:*:for_mac_os_x:*:*:*:*:*
    cpe:2.3:a:adobe:acrobat_reader:*:*:for_mac_os_x:*:*:*:*:*
CVSS
Base: 4.6 (as of 20-07-2017 - 01:32)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:L/AC:L/Au:N/C:P/I:P/A:P
refmap via4
bid 18945
confirm http://www.adobe.com/support/security/bulletins/apsb06-08.html
osvdb 27157
sectrack 1016473
secunia 21016
vupen ADV-2006-2758
xf acrobat-reader-insecure-permissions(27678)
Last major update 20-07-2017 - 01:32
Published 12-07-2006 - 22:05
Last modified 20-07-2017 - 01:32
Back to Top