Vulnerability CVE-2000-0713


Published: 2000-10-20   Modified: 2008-09-05

Description:
Buffer overflow in Adobe Acrobat 4.05, Reader, Business Tools, and Fill In products that handle PDF files allows attackers to execute arbitrary commands via a long /Registry or /Ordering specifier.

Vendor: Adobe
Product: Acrobat business tools 
Version: 4.05; 4.0;
Product: Acrobat 
Version:
4.0.5
4.0
3.0
Product: Acrobat reader 
Version:
4.0.5
4.0
3.0

CVSS2 => (AV:N/AC:H/Au:N/C:C/I:C/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.6/10
10/10
4.9/10
Exploit range
Attack complexity
Authentication
Remote
High
No required
Confidentiality impact
Integrity impact
Availability impact
Complete
Complete
Complete

 References:
http://www.securityfocus.com/bid/1509
http://archives.neohapsis.com/archives/bugtraq/2000-07/0382.html
http://www.adobe.com/misc/pdfsecurity.html

Related CVE
CVE-2017-3103
Adobe Connect versions 9.6.1 and earlier have a stored cross-site scripting vulnerability. Successful exploitation could lead to a stored cross-site scripting attack.
CVE-2017-3102
Adobe Connect versions 9.6.1 and earlier have a reflected cross-site scripting vulnerability. Successful exploitation could lead to a reflected cross-site scripting attack.
CVE-2017-3101
Adobe Connect versions 9.6.1 and earlier have a clickjacking vulnerability. Successful exploitation could lead to a clickjacking attack.
CVE-2016-0959
Use after free vulnerability in Adobe Flash Player Desktop Runtime before 20.0.0.267, Adobe Flash Player Extended Support Release before 18.0.0.324, Adobe Flash Player for Google Chrome before 20.0.0.267, Adobe Flash Player for Microsoft Edge and Int...
CVE-2015-0955
Cross-site scripting (XSS) vulnerability in Adobe Experience Manager 6.1.0.
CVE-2017-3098
Adobe Captivate versions 9 and earlier have a remote code execution vulnerability in the quiz reporting feature that could be abused to read and write arbitrary files to the server.
CVE-2017-3096
Adobe Digital Editions versions 4.5.4 and earlier have an exploitable memory corruption vulnerability in the character code mapping module. Successful exploitation could lead to arbitrary code execution.
CVE-2017-3097
Adobe Digital Editions versions 4.5.4 and earlier contain an insecure library loading vulnerability. The vulnerability is due to unsafe library loading functions in the installer plugin. A successful exploitation could lead to arbitrary code executio...

Copyright 2017, cxsecurity.com