9.3

CVE-2006-6236

Adobe Reader (Adobe Acrobat Reader) 7.0 through 7.0.8 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long argument string to the (1) src, (2) setPageMode, (3) setLayoutMode, and (4) setNamedDest methods in an AcroPDF ActiveX control, a different set of vectors than CVE-2006-6027.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
AdobeAcrobat Reader Version7.0
AdobeAcrobat Reader Version7.0.1
AdobeAcrobat Reader Version7.0.2
AdobeAcrobat Reader Version7.0.3
AdobeAcrobat Reader Version7.0.4
AdobeAcrobat Reader Version7.0.5
AdobeAcrobat Reader Version7.0.6
AdobeAcrobat Reader Version7.0.7
AdobeAcrobat Reader Version7.0.8
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 19.59% 0.971
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 9.3 8.6 10
AV:N/AC:M/Au:N/C:C/I:C/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://research.eeye.com/html/alerts/zeroday/20061128.html
http://secunia.com/advisories/23138
Vendor Advisory
http://www.adobe.com/support/security/advisories/apsa06-02.html
Patch
Vendor Advisory
http://www.kb.cert.org/vuls/id/198908
US Government Resource
http://www.securityfocus.com/archive/1/453579/100/0/threaded
http://www.vupen.com/english/advisories/2006/4751
https://exchange.xforce.ibmcloud.com/vulnerabilities/30574
http://www.securityfocus.com/bid/21338
Patch
Vendor Advisory
http://www.securityfocus.com/bid/21813
https://exchange.xforce.ibmcloud.com/vulnerabilities/31167
https://www.exploit-db.com/exploits/3040