Multiple vulnerabilities in Adobe Reader and Adobe Acrobat



Published: 2008-02-07 | Updated: 2016-12-15
Risk Critical
Patch available YES
Number of vulnerabilities 6
CVE-ID CVE-2007-5659
CVE-2008-0667
CVE-2007-5666
CVE-2007-5663
CVE-2008-0726
CVE-2008-0655
CWE-ID CWE-119
CWE-399
CWE-426
CWE-190
Exploitation vector Network
Public exploit Vulnerability #1 is being exploited in the wild.
Public exploit code for vulnerability #4 is available.
Public exploit code for vulnerability #5 is available.
Vulnerability #6 is being exploited in the wild.
Vulnerable software
Subscribe
Adobe Reader
Client/Desktop applications / Office applications

Adobe Acrobat
Client/Desktop applications / Office applications

Vendor Adobe

Security Bulletin

This security bulletin contains information about 6 vulnerabilities.

1) Stack-based buffer overflow

EUVDB-ID: #VU1330

Risk: Critical

CVSSv3.1:

CVE-ID: CVE-2007-5659

CWE-ID: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Exploit availability: Yes

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to a boundary error within Javascript method. A remote attacker can create a specially .pdf file, trick the victim into opening it, trigger stack-based buffer overflow and execute arbitrary code on the target system with privileges of the current user.

Successful exploitation of the vulnerability results in arbitrary code execution on the vulnerable system.

Note: the vulnerability was being actively exploited.

Mitigation

Install update from vendor's website:

Adobe Reader 7 and 8:
https://www.adobe.com/products/acrobat/readstep2.html
Adobe Acrobat for Windows:
https://www.adobe.com/support/downloads/detail.jsp?ftpID=3849
Adobe Acrobat for Macintosh:
https://www.adobe.com/support/downloads/detail.jsp?ftpID=3856
Adobe Acrobat 3D version:
https://www.adobe.com/support/downloads/detail.jsp?ftpID=3850
Adobe Reader 7:
https://www.adobe.com/go/getreader
Adobe Acrobat 7 for Windows:
https://www.adobe.com/support/downloads/product.jsp?product=1&platform=Windows
Adobe Acrobat 7 for Macintosh:
https://www.adobe.com/support/downloads/product.jsp?product=1&platform=Macintosh

Vulnerable software versions

Adobe Reader: 8.0 - 8.1.2, 7.0 - 7.0.9

Adobe Acrobat: 7.0 - 7.1.0, 8.0 - 8.1.2


CPE2.3 External links

http://www.adobe.com/support/security/bulletins/apsb08-13.html

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?

2) Security bypass

EUVDB-ID: #VU1331

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2008-0667

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a remote attacker to bypass security restrictions on the target system.

The weakness exists due to an error in JavaScript API DOC.print function. By sending a malicious PDF file and persuading a victim to open it, a remote attacker can configure silent non-interactive printing of an arbitrary number of copies of .pdf files.

Successful exploitation of the vulnerability results in unauthorized access to the vulnerable system.

Mitigation

Install update from vendor's website:

Adobe Reader 7 and 8:
https://www.adobe.com/products/acrobat/readstep2.html
Adobe Acrobat for Windows:
https://www.adobe.com/support/downloads/detail.jsp?ftpID=3849
Adobe Acrobat for Macintosh:
https://www.adobe.com/support/downloads/detail.jsp?ftpID=3856
Adobe Acrobat 3D version:
https://www.adobe.com/support/downloads/detail.jsp?ftpID=3850
Adobe Reader 7:
https://www.adobe.com/go/getreader
Adobe Acrobat 7 for Windows:
https://www.adobe.com/support/downloads/product.jsp?product=1&platform=Windows
Adobe Acrobat 7 for Macintosh:
https://www.adobe.com/support/downloads/product.jsp?product=1&platform=Macintosh

Vulnerable software versions

Adobe Acrobat: 7.0 - 7.1.0, 8.0 - 8.1.2

Adobe Reader: 8.0 - 8.1.2, 7.0 - 7.0.9


CPE2.3 External links

http://www.adobe.com/support/security/bulletins/apsb08-13.html

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?

3) Untrusted search path

EUVDB-ID: #VU1332

Risk: High

CVSSv3.1:

CVE-ID: CVE-2007-5666

CWE-ID: CWE-426 - Untrusted Search Path

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to the way the application loads .dll libraries. A remote attacker can place a specially crafted .dll file along with PDF document on a remote SMB or WebDav share, trick the victim into opening that document and execute arbitrary code on the target system with privileges of the current user.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

Mitigation

Install update from vendor's website:

Adobe Reader 7 and 8:
https://www.adobe.com/products/acrobat/readstep2.html
Adobe Acrobat for Windows:
https://www.adobe.com/support/downloads/detail.jsp?ftpID=3849
Adobe Acrobat for Macintosh:
https://www.adobe.com/support/downloads/detail.jsp?ftpID=3856
Adobe Acrobat 3D version:
https://www.adobe.com/support/downloads/detail.jsp?ftpID=3850
Adobe Reader 7:
https://www.adobe.com/go/getreader
Adobe Acrobat 7 for Windows:
https://www.adobe.com/support/downloads/product.jsp?product=1&platform=Windows
Adobe Acrobat 7 for Macintosh:
https://www.adobe.com/support/downloads/product.jsp?product=1&platform=Macintosh

Vulnerable software versions

Adobe Reader: 8.0 - 8.1.2, 7.0 - 7.0.9

Adobe Acrobat: 7.0 - 7.1.0, 8.0 - 8.1.2


CPE2.3 External links

http://www.adobe.com/support/security/bulletins/apsb08-13.html

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?

4) Memory corruption

EUVDB-ID: #VU1333

Risk: High

CVSSv3.1:

CVE-ID: CVE-2007-5663

CWE-ID: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to buffer overflow whithin JavaScript implementation. A remote attacker can create a specially .pdf file, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system with privileges of the current user.

Successful exploitation of the vulnerability results in arbitrary code execution on the vulnerable system.

Mitigation

Install update from vendor's website:

Adobe Reader 7 and 8:
https://www.adobe.com/products/acrobat/readstep2.html
Adobe Acrobat for Windows:
https://www.adobe.com/support/downloads/detail.jsp?ftpID=3849
Adobe Acrobat for Macintosh:
https://www.adobe.com/support/downloads/detail.jsp?ftpID=3856
Adobe Acrobat 3D version:
https://www.adobe.com/support/downloads/detail.jsp?ftpID=3850
Adobe Reader 7:
https://www.adobe.com/go/getreader
Adobe Acrobat 7 for Windows:
https://www.adobe.com/support/downloads/product.jsp?product=1&platform=Windows
Adobe Acrobat 7 for Macintosh:
https://www.adobe.com/support/downloads/product.jsp?product=1&platform=Macintosh

Vulnerable software versions

Adobe Acrobat: 7.0 - 7.1.0, 8.0 - 8.1.2

Adobe Reader: 8.0 - 8.1.2, 7.0 - 7.0.9


CPE2.3 External links

http://www.adobe.com/support/security/bulletins/apsb08-13.html

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?

5) Integer overflow

EUVDB-ID: #VU1334

Risk: High

CVSSv3.1:

CVE-ID: CVE-2008-0726

CWE-ID: CWE-190 - Integer Overflow or Wraparound

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to integer overflow in a JavaScript function. A remote attacker can create a specially crafted .pdf file, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system with privileges of the current user.

Successful exploitation of the vulnerability results in arbitrary code execution on the vulnerable system.

Mitigation

Install update from vendor's website:

Adobe Reader 7 and 8:
https://www.adobe.com/products/acrobat/readstep2.html
Adobe Acrobat for Windows:
https://www.adobe.com/support/downloads/detail.jsp?ftpID=3849
Adobe Acrobat for Macintosh:
https://www.adobe.com/support/downloads/detail.jsp?ftpID=3856
Adobe Acrobat 3D version:
https://www.adobe.com/support/downloads/detail.jsp?ftpID=3850
Adobe Reader 7:
https://www.adobe.com/go/getreader
Adobe Acrobat 7 for Windows:
https://www.adobe.com/support/downloads/product.jsp?product=1&platform=Windows
Adobe Acrobat 7 for Macintosh:
https://www.adobe.com/support/downloads/product.jsp?product=1&platform=Macintosh

Vulnerable software versions

Adobe Acrobat: 7.0 - 7.1.0, 8.0 - 8.1.2

Adobe Reader: 8.0 - 8.1.2, 7.0 - 7.0.9


CPE2.3 External links

http://www.adobe.com/support/security/bulletins/apsb08-13.html

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?

6) Security bypass

EUVDB-ID: #VU1335

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2008-0655

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a remote attacker to bypass security restrictions on the target system.

The weakness exists due to an error in JavaScript API DOC.print function. A remote attacker can create a specially crafted PDF file, persuade a victim to open it and configure silent unauthorized printing of 1000 copies from a PDF file.

Successful exploitation of the vulnerability results in unauthorized access to the vulnerable system.

Mitigation

Install update from vendor's website:

Adobe Reader 7 and 8:
https://www.adobe.com/products/acrobat/readstep2.html
Adobe Acrobat for Windows:
https://www.adobe.com/support/downloads/detail.jsp?ftpID=3849
Adobe Acrobat for Macintosh:
https://www.adobe.com/support/downloads/detail.jsp?ftpID=3856
Adobe Acrobat 3D version:
https://www.adobe.com/support/downloads/detail.jsp?ftpID=3850
Adobe Reader 7:
https://www.adobe.com/go/getreader
Adobe Acrobat 7 for Windows:
https://www.adobe.com/support/downloads/product.jsp?product=1&platform=Windows
Adobe Acrobat 7 for Macintosh:
https://www.adobe.com/support/downloads/product.jsp?product=1&platform=Macintosh

Vulnerable software versions

Adobe Reader: 8.0 - 8.1.2, 7.0 - 7.0.9

Adobe Acrobat: 7.0 - 7.1.0, 8.0 - 8.1.2


CPE2.3 External links

http://www.adobe.com/support/security/bulletins/apsb08-13.html

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?



###SIDEBAR###