CVE-2006-6027
published 2006-11-21


Priority: P265
Severity: critical, 9.3 (CVSS 2.0)
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Tags: ITW, EXPLOIT, VulnCheck KEV
Exploited in the wild
EPSS: 42.95% (98.6th percentile)

Adobe Reader (Adobe Acrobat Reader) 7.0 through 7.0.8 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long argument string to the LoadFile method in an AcroPDF ActiveX control.

Affected

12 ranges
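| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| adobe | acrobat_reader | | |
| adobe | acrobat_reader | | |
| adobe | acrobat_reader | | |
| adobe | acrobat_reader | | |
| adobe | acrobat_reader | | |
| adobe | acrobat_reader | | |
| adobe | acrobat_reader | | |
| adobe | acrobat_reader | | |
| adobe | acrobat_reader | | |
| adobe | acrobat_reader | | |
| mozilla | firefox | | |
| opera | opera_browser | | |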

Detection & IOCs (extracted from sources)

path: C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroPDF.dll
other: AcroPDFLib.AcroPDF
command: target.LoadFile arg1 (arg1=String(6164, "A"))
  • Monitor for calls from Internet Explorer to the AcroPDF ActiveX control's LoadFile method with an abnormally long string argument (6164+ bytes); this is the confirmed attack vector.
  • The vulnerable method is LoadFile with memberName 'LoadFile' and argCount of 1; alert on ActiveX instantiation of progid AcroPDFLib.AcroPDF followed by a LoadFile call with a large argument.
  • This vulnerability is Windows-specific (ActiveX); Linux versions of Adobe Reader are not affected.
  • Affected versions are Adobe Reader/Acrobat Reader 7.0 through 7.0.8 only; the attack surface is the AcroPDF ActiveX control loaded within Internet Explorer.

CVSS provenance

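| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v2.0 | 9.3 | CRITICAL | AV:N/AC:M/Au:N/C:C/I:C/A:C |
| vulncheck | | 9.3 | CRITICAL | |
| vendor_redhat | | 9.3 | CRITICAL | |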