Vulnerabilities > CVE-2004-1153 - Denial-Of-Service vulnerability in Adobe Acrobat Reader 6.0/6.0.2/8.0

047910
CVSS 10.0 - CRITICAL
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
network
low complexity
adobe
critical
NVD
Published: 2005-01-10
Updated: 2017-10-11

Summary

Format string vulnerability in Adobe Acrobat Reader 6.0.0 through 6.0.2 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an .ETD document containing format string specifiers in (1) title or (2) baseurl fields.

Vulnerable Configurations

Part Description Count
Application
Adobe
3

Oval

accepted2014-10-06T04:04:11.161-04:00
classvulnerability
contributors
  • nameMatthew Wojcik
    organizationThe MITRE Corporation
  • nameJonathan Baker
    organizationThe MITRE Corporation
  • nameMaria Mikhno
    organizationALTX-SOFT
descriptionFormat string vulnerability in Adobe Acrobat Reader 6.0.0 through 6.0.2 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an .ETD document containing format string specifiers in (1) title or (2) baseurl fields.
familywindows
idoval:org.mitre.oval:def:2919
statusaccepted
submitted2005-04-26T12:00:00.000-04:00
titleAdobe Acrobat Reader .ETD Document Code Execution Vulnerability
version5

References