Summary
This host is installed with Adobe Reader and is prone to code execution vulnerability.
Impact
Successful exploitation will allow attacker to launch a symlink attack and execute code on the system.
Impact Level: System/Application
Solution
Update to Adobe Reader version 5.0.6 or later. For Updates refer http://www.adobe.com
Insight
The flaw is due to the application creating 'AdobeFnt.lst' file with insecure permissions.
Affected
Adobe Reader version 4.0.5 and 5.0.5 on Linux.
Detection
Get the installed version with the help of detect NVT and check the version is vulnerable or not.
References
Updated on 2017-03-28
Severity
Classification
-
CVE CVE-2001-1069 -
CVSS Base Score: 7.2
AV:L/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- Adobe AIR Multiple Vulnerabilities-01 Sep14 (Mac OS X)
- Adobe Acrobat and Reader 'printSeps()' Function Heap Corruption Vulnerability
- Adobe AIR Multiple Vulnerabilities-01 Jan15 (Windows)
- Adobe Flash Player Code Execution and DoS Vulnerabilities (Linux)
- Adobe Flash Player 9.0.115.0 and earlier vulnerability (Lin)