Adobe Reader '/Registry' And '/Ordering' Buffer Overflow Vulnerability (Win) Network Vulnerability

Summary

This host is installed with Adobe Reader and is prone to buffer overflow vulnerability.

Impact

Successful exploitation will allow attacker to execute arbitrary code. Impact Level: System/Application

Solution

Apply the patch from the below link ftp://ftp.adobe.com/pub/adobe/acrobat/win/4.x/ac405up2.exe NOTE : Ignore this warning, if above mentioned patch is already applied.

Insight

The flaw is due to the program fails to validate the '/Registry' and '/Ordering' strings

Affected

Adobe Reader version 4.0.5 and before on Windows.

Detection

Get the installed version with the help of detect NVT and check the version is vulnerable or not.

References

http://archives.neohapsis.com/archives/bugtraq/2000-07/0382.html
http://www.kb.cert.org/vuls/id/31554
http://www.osvdb.com/9291
http://xforce.iss.net/xforce/xfdb/5002

Updated on 2015-03-25

Severity

Classification

CVE CVE-2000-0713

CVSS	Base Score: 7.6 AV:N/AC:H/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Active Perl 'Perl_repeatcpy()' Function Buffer Overflow Vulnerability (Windows)
Adobe Acrobat and Reader SING 'uniqueName' Buffer Overflow Vulnerability (Linux)
Bopup Communication Server Remote Buffer Overflow Vulnerability
Advantech Studio Multiple Buffer Overflow Vulnerabilities
CA eTrust PestPatrol Anti-Spyware 'ppctl.dll' ActiveX Control BOF Vulnerability

Adobe Reader '/Registry' and '/Ordering' Buffer Overflow Vulnerability (Win)

Take action and discover your vulnerabilities