Adobe Acrobat and Acrobat Reader 6.0 allow remote attackers to read arbitrary files via a PDF file that contains an embedded Shockwave (swf) file that references files outside of the temporary directory.
Max CVSS
5.0
EPSS Score
0.56%
Published
2004-10-12
Updated
2017-07-11
Adobe Reader 6.0 does not properly handle null characters when splitting a filename path into components, which allows remote attackers to execute arbitrary code via a file with a long extension that is not normally handled by Reader, triggering a buffer overflow.
Max CVSS
7.5
EPSS Score
10.73%
Published
2004-07-27
Updated
2017-07-11
Buffer overflow in the ActiveX component (pdf.ocx) for Adobe Acrobat 5.0.5 and Acrobat Reader, and possibly other versions, allows remote attackers to execute arbitrary code via a URI for a PDF file with a null terminator (%00) followed by a long string.
Max CVSS
7.5
EPSS Score
4.49%
Published
2004-09-28
Updated
2017-07-11
3 vulnerabilities found