CVE-2005-1625 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Adobe Acrobat Reader

4 documents4 sources

Severity

5.0MEDIUMNVD

EPSS

15.0%

top 5.41%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Adobe Acrobat Reader

Timeline

PublishedJul 5

Latest updateMay 1

Description

Stack-based buffer overflow in the UnixAppOpenFilePerform function in Adobe Reader 5.0.9 and 5.0.10 for Unix allows remote attackers to execute arbitrary code via a PDF document with a long /Filespec tag.

CVSS vector

AV:N/AC:L/C:N/I:P/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

▶NVDadobe/acrobat_reader5.0.10, 5.0.9+1

Patches

Patch: www.adobe.com ↗Patch: www.idefense.com ↗Patch: www.adobe.com ↗

🔴Vulnerability Details

GHSA

GHSA-f447-v6fh-h748: Stack-based buffer overflow in the UnixAppOpenFilePerform function in Adobe Reader 5↗2022-05-01

▶

📋Vendor Advisories

Red Hat

security flaw↗2005-07-06

▶

💬Community

Bugzilla

CVE-2005-1625 security flaw↗2018-08-16

▶