Adobe Acrobat Reader LoadFile information disclosure ...
Adobe Acrobat Reader LoadFile information disclosure ...
Date Discovered: 2005. április 1.
Date Published: 2005. április 4.
Last Updated: 2005. április 4.
The information below provides details about this vulnerability.
Vulnerability Description
Vulnerability ID: 32697
Discovered By: NISCC
Exploitable Locally: No Exploitable
Remotely: Yes
Impact: Attackers can gain sensitive information.
Root Cause: Software Vulnerability
Adobe Acrobat Reader contains a vulnerability that can allow an attacker to determine if files exist. The vulnerability is due to the Acrobat Reader control LoadFile directive giving away information when there is an attempt to open a local file. An attacker can use the Acrobat Reader control in a webpage to perform file existence checks.
Recommendations
32697 - Acrobat Reader
Upgrade to 7.0.1 or later.
http://www.adobe.com/
Affected Technologies
Adobe Systems Incorporated: Acrobat Reader 4.0
Adobe Systems Incorporated: Acrobat Reader 4.05
Adobe Systems Incorporated: Acrobat Reader 5.0.5
Adobe Systems Incorporated: Acrobat Reader 5.0.6
Adobe Systems Incorporated: Acrobat Reader 5.0.7
Adobe Systems Incorporated: Acrobat Reader 5.0.8
Adobe Systems Incorporated: Acrobat Reader 5.0.9
Adobe Systems Incorporated: Acrobat Reader 5.1
Adobe Systems Incorporated: Acrobat Reader 6.0.0
Adobe Systems Incorporated: Acrobat Reader 6.0.2
Adobe Systems Incorporated: Acrobat Reader 6.01
Adobe Systems Incorporated: Acrobat Reader 7.0
References
Mitre CVE: CAN-2005-0035
More information on CA Vulnerability Information Center:
http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=32697
Computer Associates – the Trusted Source of Security Knowledge
Back
- Microsoft revamps Bing to include interactive social sidebar
The three-column interface also includes a ´snapshot´ for more direct interaction with products and places.
- Adobe Creative Cloud Now Available
Two New Touch Apps for iOS and Adobe Muse Also Shipping
- Acer G6 series - Super-slim design, inspiring performance
- Come Explore the VIA Smart Ecosystem at Computex 2012
- HP tries to beat ultrabook pricing with thin-and-light Sleekbooks
- MasterCard´s PayPass Wallet will span online, mobile, in-store shopping
- Google infringed Java copyrights in Android, jury finds
- After false alarm, no verdict Friday in Oracle Google
- Lenovo building industrial center to develop tablets, smartphones
- Facebook´s valuation for IPO will be lower than initially expected
Member of IVSZ
Member of SZEK
Acer Affinity Gold partner
Dell Registered Partner
OKI System Shinrai Partner
XEROX Viszonteladó
APC megbízható szállító
EATON Authorized Partner
Cisco partner
Symantec Software Partner
ESET Partner
FUJITSU partner
LENOVO Premium Partner
IBM Business Partner
PARTNERS: Computerworld.hu | GameStar.hu | PCWorld.hu | SG.hu | PC Guru | Hitel