Adobe Reader Temporary Files Arbitrary File Overwrite Vulnerability (Linux) Network Vulnerability

Summary

This host is installed with Adobe Reader and is prone to symlink attack vulnerability.

Impact

Successful exploitation will allow attacker to create a symbolic link from a file in the /tmp directory to an arbitrary file on the system so that the arbitrary file is overwritten once the PDF file is opened. Impact Level: System/Application

Solution

Update to Adobe Reader version 5.0.5 or later. For Updates refer http://www.adobe.com

Insight

The flaw is due to the creation of insecure temporary files when opening or printing PDF files

Affected

Adobe Reader version 4.0.5 on Linux.

Detection

Get the installed version with the help of detect NVT and check the version is vulnerable or not.

References

http://xforce.iss.net/xforce/xfdb/9407

Updated on 2017-03-28

Severity

Classification

CVE CVE-2002-1764

CVSS	Base Score: 2.1 AV:L/AC:L/Au:N/C:N/I:P/A:N

Related Vulnerabilities

Detection of Dangerous ActiveX Control
ESET Remote Administrator Version Detection
ISC BIND 9 DNSSEC Query Response Additional Section Remote Cache Poisoning Vulnerability
Comodo Internet Security Race Condition Vulnerability-01
IMAP Unencrypted Cleartext Logins

Take action and discover your vulnerabilities