CVE-2005-1841Insecure Inherited Permissions in Adobe Acrobat Reader

CWE-277Insecure Inherited Permissions5 documents5 sources
Severity
2.1LOWNVD
EPSS
0.1%
top 71.79%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Adobe Acrobat Reader
Timeline
PublishedJul 7
Latest updateMay 1

Description

The control for Adobe Reader 5.0.9 and 5.0.10 on Linux, Solaris, HP-UX, and AIX creates temporary files with the permissions as specified in a user's umask, which could allow local users to read PDF documents of that user if the umask allows it.

CVSS vector

AV:L/AC:L/C:P/I:N/A:NExploitability: 3.9 | Impact: 2.9

Affected Packages1 packages

NVDadobe/acrobat_reader5.0.10, 5.0.9+1

Patches

Patch: www.adobe.comPatch: www.adobe.com

🔴Vulnerability Details

1
GHSA
GHSA-59ff-cvgw-6592: The control for Adobe Reader 52022-05-01

📋Vendor Advisories

1
Red Hat
security flaw2005-07-07

📐Framework References

1
CWE
Insecure Inherited Permissions

💬Community

1
Bugzilla
CVE-2005-1841 security flaw2018-08-16
CVE-2005-1841 — Insecure Inherited Permissions in Adobe | cvebase