CVE-2006-5857Out-of-bounds Write in Adobe Acrobat

CWE-3996 documents4 sources
Severity
9.3CRITICALNVD
EPSS
23.2%
top 4.04%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Adobe AcrobatAdobe Acrobat Reader
Timeline
PublishedDec 31
Latest updateMay 1

Description

Adobe Reader and Acrobat 7.0.8 and earlier allows user-assisted remote attackers to execute code via a crafted PDF file that triggers memory corruption and overwrites a subroutine pointer during rendering.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages2 packages

NVDadobe/acrobat_reader7.0.8+28
NVDadobe/acrobat7.0.8+24

Patches

Patch: www.adobe.comPatch: www.adobe.com

🔴Vulnerability Details

1
GHSA
GHSA-7gvq-qwwx-xxf5: Adobe Reader and Acrobat 72022-05-01

📋Vendor Advisories

1
Red Hat
security flaw2007-01-10

💬Community

3
Bugzilla
CVE-2006-5857 security flaw2018-08-16
Bugzilla
CVE-2006-5857 Multiple Acrobat vulnerabilities (CVE-2007-0045 CVE-2007-0046)2007-01-11
Bugzilla
CVE-2006-5857 Multiple Acrobat vulnerabilities (CVE-2007-0045 CVE-2007-0046)2007-01-05
CVE-2006-5857 — Out-of-bounds Write in Adobe Acrobat | cvebase