Anfälligkeitssuche        Suche in 219043 CVE Beschreibungen
und 99761 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.804376
Kategorie:General
Titel:Adobe Reader URI Handler Remote Code Execution Vulnerabilities Oct07 (Windows)
Zusammenfassung:This host is installed with Adobe Reader and is prone to remote code execution;vulnerabilities.
Beschreibung:Summary:
This host is installed with Adobe Reader and is prone to remote code execution
vulnerabilities.

Vulnerability Insight:
Flaws are due to an input validation error when handling specially crafted
URIs with registered URI handlers.

Vulnerability Impact:
Successful exploitation will allow attackers to execute arbitrary code and
compromise a user's system.

Affected Software/OS:
Adobe Reader version 8.1 and prior on Windows.

Solution:
Upgrade to Adobe Reader version 8.1.1 or later.

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Querverweis: BugTraq ID: 25748
BugTraq ID: 25945
Common Vulnerability Exposure (CVE) ID: CVE-2007-5020
http://www.securityfocus.com/bid/25748
Bugtraq: 20070920 0day: PDF pwns Windows (Google Search)
http://www.securityfocus.com/archive/1/480080/100/0/threaded
Cert/CC Advisory: TA07-297B
http://www.us-cert.gov/cas/techalerts/TA07-297B.html
http://www.gnucitizen.org/blog/0day-pdf-pwns-windows
http://www.securitytracker.com/id?1018723
http://www.vupen.com/english/advisories/2007/3392
XForce ISS Database: adobe-unspecified-pdf-code-execution(36722)
https://exchange.xforce.ibmcloud.com/vulnerabilities/36722
Common Vulnerability Exposure (CVE) ID: CVE-2007-3896
http://www.securityfocus.com/bid/25945
Bugtraq: 20071003 0day: mIRC pwns Windows (Google Search)
http://marc.info/?l=bugtraq&m=119143780202107&w=2
Bugtraq: 20071004 Re: 0day: mIRC pwns Windows (Google Search)
http://marc.info/?l=bugtraq&m=119144449915918&w=2
http://www.securityfocus.com/archive/1/481505/100/0/threaded
Bugtraq: 20071004 Re[2]: 0day: mIRC pwns Windows (Google Search)
http://www.securityfocus.com/archive/1/481493/100/100/threaded
Bugtraq: 20071005 RE: URI handling woes in Acrobat Reader, Netscape, Miranda, Skype (Google Search)
http://www.securityfocus.com/archive/1/481624/100/0/threaded
Bugtraq: 20071005 URI handling woes in Acrobat Reader, Netscape, Miranda, Skype (Google Search)
http://marc.info/?l=bugtraq&m=119159924712561&w=2
Bugtraq: 20071009 Re: URI handling woes in Acrobat Reader, Netscape, Miranda, Skype (Google Search)
http://marc.info/?l=bugtraq&m=119168062128026&w=2
Bugtraq: 20071006 Re[2]: URI handling woes in Acrobat Reader, Netscape, Miranda, Skype (Google Search)
http://www.securityfocus.com/archive/1/481664/100/0/threaded
Bugtraq: 20071007 Re[2]: [Full-disclosure] URI handling woes in Acrobat Reader, Netscape, Miranda, Skype (Google Search)
http://www.securityfocus.com/archive/1/481671/100/0/threaded
Bugtraq: 20071006 Re[2]: [Full-disclosure] URI handling woes in Acrobat Reader, Netscape,Miranda, Skype (Google Search)
http://www.securityfocus.com/archive/1/481680/100/0/threaded
Bugtraq: 20071007 Re: Re[2]: [Full-disclosure] URI handling woes in Acrobat Reader, Netscape,Miranda, Skype (Google Search)
http://www.securityfocus.com/archive/1/481881/100/0/threaded
Bugtraq: 20071008 Re: [Full-disclosure] URI handling woes in Acrobat Reader, Netscape, Miranda, Skype (Google Search)
http://marc.info/?l=bugtraq&m=119195904813505&w=2
Bugtraq: 20071008 Re: [Full-disclosure] URI handling woes in Acrobat Reader, Netscape,Miranda, Skype (Google Search)
http://www.securityfocus.com/archive/1/481846/100/0/threaded
http://www.securityfocus.com/archive/1/481839/100/0/threaded
http://www.securityfocus.com/archive/1/481887/100/0/threaded
http://www.securityfocus.com/archive/1/481867/100/0/threaded
Bugtraq: 20071009 RE: [Full-disclosure] URI handling woes in Acrobat Reader, Netscape, Miranda, Skype (Google Search)
http://www.securityfocus.com/archive/1/481871/100/0/threaded
http://marc.info/?l=bugtraq&m=119194714125580&w=2
Bugtraq: 20071011 M$ will fix URI? (Google Search)
http://www.securityfocus.com/archive/1/482090/100/0/threaded
Bugtraq: 20071014 Third-party patch for CVE-2007-3896 (Internet Explorer 7 invalid URI handling) available (Google Search)
http://www.securityfocus.com/archive/1/482292/100/0/threaded
Bugtraq: 20071017 Re: Third-party patch for CVE-2007-3896, UPDATE NOW (Google Search)
http://www.securityfocus.com/archive/1/482437/100/0/threaded
Cert/CC Advisory: TA07-317A
http://www.us-cert.gov/cas/techalerts/TA07-317A.html
CERT/CC vulnerability note: VU#403150
http://www.kb.cert.org/vuls/id/403150
http://marc.info/?l=full-disclosure&m=119159477404263&w=2
http://marc.info/?l=full-disclosure&m=119168727402084&w=2
http://marc.info/?l=full-disclosure&m=119170531020020&w=2
http://marc.info/?l=full-disclosure&m=119171444628628&w=2
http://marc.info/?l=full-disclosure&m=119175323322021&w=2
http://marc.info/?l=full-disclosure&m=119180333805950&w=2
HPdes Security Advisory: HPSBST02291
http://www.securityfocus.com/archive/1/484186/100/0/threaded
HPdes Security Advisory: SSRT071498
http://blogs.zdnet.com/security/?p=577
http://www.heise-security.co.uk/news/96982
http://xs-sniper.com/blog/remote-command-exec-firefox-2005/
Microsoft Security Bulletin: MS07-061
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-061
Microsoft Knowledge Base article: 943521
http://www.microsoft.com/technet/security/advisory/943521.mspx
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4581
http://www.securitytracker.com/id?1018822
http://securitytracker.com/id?1018831
http://secunia.com/advisories/26201
CopyrightCopyright (C) 2014 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2024 E-Soft Inc. Alle Rechte vorbehalten.