exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 2 of 2 RSS Feed

CVE-2007-5666

Status Candidate

Overview

Untrusted search path vulnerability in Adobe Reader and Acrobat 8.1.1 and earlier allows local users to execute arbitrary code via a malicious Security Provider library in the reader's current working directory. NOTE: this issue might be subsumed by CVE-2008-0655.

Related Files

Gentoo Linux Security Advisory 200803-1
Posted Mar 3, 2008
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200803-01:04 - Adobe Acrobat Reader is vulnerable to remote code execution, Denial of Service, and cross-site request forgery attacks. Versions less than 8.1.2 are affected.

tags | advisory, remote, denial of service, code execution, csrf
systems | linux, gentoo
advisories | CVE-2007-1199, CVE-2007-5659, CVE-2007-5663, CVE-2007-5666, CVE-2008-0655, CVE-2008-0667, CVE-2008-0726
SHA-256 | 3b620d56e2d1802267a0433a31893c83d5b29b6e044a17c553f561841201749d
iDEFENSE Security Advisory 2008-02-08.2
Posted Feb 11, 2008
Authored by iDefense Labs, Greg MacManus | Site idefense.com

iDefense Security Advisory 02.08.08 - Remote exploitation of an unsafe library path vulnerability in Adobe Systems Inc.'s Adobe Reader may allow attackers to execute arbitrary code as the current user. This vulnerability is due to Adobe Reader using a path for "Security Provider" libraries that contains the directory the application was started in. Security Provider libraries provide encryption and signature verification routines to applications. If the current directory contains a file with the same name as a Security Provider library, the file will be loaded into the application, potentially allowing code execution. iDefense has confirmed this vulnerability exists in Adobe Reader 8.1 installed on Windows XP and Windows Vista. Previous versions, as well as those for other platforms, may also be affected.

tags | advisory, remote, arbitrary, code execution
systems | windows
advisories | CVE-2007-5666
SHA-256 | d4fa880a29e7e14ddec6cb6cc8521a592d10b2b7b07c917d7f97f961261d764d
Page 1 of 1
Back1Next

File Archive:

February 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    11 Files
  • 2
    Feb 2nd
    9 Files
  • 3
    Feb 3rd
    5 Files
  • 4
    Feb 4th
    0 Files
  • 5
    Feb 5th
    0 Files
  • 6
    Feb 6th
    0 Files
  • 7
    Feb 7th
    0 Files
  • 8
    Feb 8th
    0 Files
  • 9
    Feb 9th
    0 Files
  • 10
    Feb 10th
    0 Files
  • 11
    Feb 11th
    0 Files
  • 12
    Feb 12th
    0 Files
  • 13
    Feb 13th
    0 Files
  • 14
    Feb 14th
    0 Files
  • 15
    Feb 15th
    0 Files
  • 16
    Feb 16th
    0 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    0 Files
  • 20
    Feb 20th
    0 Files
  • 21
    Feb 21st
    0 Files
  • 22
    Feb 22nd
    0 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close