Adobe Reader '/Registry' And '/Ordering' Buffer Overflow Vulnerability (Win) Network Vulnerability

Summary

This host is installed with Adobe Reader and is prone to buffer overflow vulnerability.

Impact

Successful exploitation will allow attacker to execute arbitrary code. Impact Level: System/Application

Solution

Apply the patch from the below link ftp://ftp.adobe.com/pub/adobe/acrobat/win/4.x/ac405up2.exe NOTE : Ignore this warning, if above mentioned patch is already applied.

Insight

The flaw is due to the program fails to validate the '/Registry' and '/Ordering' strings

Affected

Adobe Reader version 4.0.5 and before on Windows.

Detection

Get the installed version with the help of detect NVT and check the version is vulnerable or not.

References

http://archives.neohapsis.com/archives/bugtraq/2000-07/0382.html
http://www.kb.cert.org/vuls/id/31554
http://www.osvdb.com/9291
http://xforce.iss.net/xforce/xfdb/5002

Updated on 2015-03-25

Severity

Classification

CVE CVE-2000-0713

CVSS	Base Score: 7.6 AV:N/AC:H/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Adobe Reader Buffer Overflow Vulnerability Sep09 (Win)
Adobe Reader Multiple BOF Vulnerabilities - Jun09 (Linux)
CA ARCserve Backup Multiple Bufffer Overflow Vulnerabilities
Adobe Flash Player Multiple Vulnerabilities - Mar09 (Linux)
avast! Multiple Vulnerabilities - Oct09 (Win)

Adobe Reader '/Registry' and '/Ordering' Buffer Overflow Vulnerability (Win)

Take action and discover your vulnerabilities