CERTA-2005-AVI-235

Vulnerability from certfr_avis - Published: 2005-06-28 - Updated: 2005-06-28

None

Description

Les applications Adobe Acrobat et Adobe Reader permettent aux utilisateurs de créer et de manipuler des fichiers PDF (Portable Document Format).

Deux vulnérabilités découvertes dans ces produits permettent à un utilisateur distant mal intentionné d'élever ses privilèges ou d'exécuter arbitrairement du code présent sur le système vulnérable.

Solution

Se référer aux bulletins de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

  • Adobe Acrobat 7.x ;
  • Adobe Reader 7.x.

Seuls les systèmes d'exploitation Apple OS X sont affectés par ces vulnérabilités.

Impacted products
Vendor Product Description
References

Show details on source website
To clipboard 

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cUL\u003e    \u003cLI\u003eAdobe Acrobat 7.x ;\u003c/LI\u003e    \u003cLI\u003eAdobe Reader 7.x.\u003c/LI\u003e  \u003c/UL\u003e  \u003cP\u003eSeuls les syst\u00e8mes d\u0027exploitation Apple OS X sont affect\u00e9s par  ces vuln\u00e9rabilit\u00e9s.\u003c/P\u003e",
  "content": "## Description\n\nLes applications Adobe Acrobat et Adobe Reader permettent aux\nutilisateurs de cr\u00e9er et de manipuler des fichiers PDF (Portable\nDocument Format).\n\nDeux vuln\u00e9rabilit\u00e9s d\u00e9couvertes dans ces produits permettent \u00e0 un\nutilisateur distant mal intentionn\u00e9 d\u0027\u00e9lever ses privil\u00e8ges ou\nd\u0027ex\u00e9cuter arbitrairement du code pr\u00e9sent sur le syst\u00e8me vuln\u00e9rable.\n\n## Solution\n\nSe r\u00e9f\u00e9rer aux bulletins de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [],
  "initial_release_date": "2005-06-28T00:00:00",
  "last_revision_date": "2005-06-28T00:00:00",
  "links": [
    {
      "title": "Site Internet de l\u0027\u00e9diteur :",
      "url": "http://www.adobe.com"
    }
  ],
  "reference": "CERTA-2005-AVI-235",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2005-06-28T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": null,
  "title": "Multiples vuln\u00e9rabilit\u00e9s des produits Adobe pour Mac OS X",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Adobe #331709 du 27 juin 2005",
      "url": "http://www.adobe.com/support/techdocs/331709.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Adobe #331711 du 27 juin 2005",
      "url": "http://www.adobe.com/support/techdocs/331711.html"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.