漏洞信息详情
Adobe Acrobat and Adobe Reader 缓冲区溢出漏洞
- CNNVD编号:CNNVD-200508-151
- 危害等级: 高危
- CVE编号: CVE-2005-2470
- 漏洞类型: 缓冲区溢出
- 发布时间: 2005-08-16
- 威胁类型: 远程
- 更新时间: 2005-10-20
- 厂 商: adobe
- 漏洞来源: The vendor announc...
漏洞简介
Adobe Reader 5.1至7.0.2 以及Acrobat 5.0至7.0.2中的\"核心应用程序插件\"存在缓冲区溢出。这使得远程攻击者可以借助于未明向量造成拒绝服务(崩溃)并且可能执行任意代码。
漏洞公告
目前厂商已经发布了升级补丁以修复这个安全问题,补丁下载链接:
Adobe Acrobat 5.0
Adobe Adobe Acrobat 5.0.10
http://www.adobe.com/support/downloads/
Adobe Acrobat 5.0.5
Adobe Adobe Acrobat 5.0.10
http://www.adobe.com/support/downloads/
Adobe Acrobat Reader (UNIX) 5.0.8
S.u.S.E. acroread-7.0.1-2.1.i586.rpm
S.u.S.E. Linux 9.2:
ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/acroread-7.0.1-2. 1.i586.rpm
S.u.S.E. acroread-7.0.1-2.1.i586.rpm
S.u.S.E. Linux 9.3:
ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/acroread-7.0.1-2. 1.i586.rpm
S.u.S.E. acroread-7.0.1-2.2.i586.rpm
S.u.S.E. Linux 9.1:
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/acroread-7.0.1-2. 2.i586.rpm
S.u.S.E. acroread-7.0.1-3.i586.rpm
S.u.S.E. Linux 9.0:
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/acroread-7.0.1-3. i586.rpm
Adobe Acrobat 6.0
Adobe Adobe Acrobat 6.0.4
http://www.adobe.com/support/downloads/
Adobe Acrobat Reader 6.0
Adobe Adobe Reader 6.0.4
http://www.adobe.com/support/downloads/
Adobe Acrobat 6.0.1
Adobe Adobe Acrobat 6.0.4
http://www.adobe.com/support/downloads/
Adobe Acrobat Reader 6.0.1
Adobe Adobe Reader 6.0.4
http://www.adobe.com/support/downloads/
Adobe Acrobat Reader 6.0.2
Adobe Adobe Reader 6.0.4
http://www.adobe.com/support/downloads/
Adobe Acrobat 6.0.2
Adobe Adobe Acrobat 6.0.4
http://www.adobe.com/support/downloads/
Adobe Acrobat 6.0.3
Adobe Adobe Acrobat 6.0.4
http://www.adobe.com/support/downloads/
Adobe Acrobat Reader 6.0.3
Adobe Adobe Reader 6.0.4
http://www.adobe.com/support/downloads/
Adobe Acrobat Reader (UNIX) 7.0
Adobe Acrobat Reader for Unix 7.0.1
http://www.adobe.com/support/downloads
Adobe Acrobat Reader 7.0
Adobe Adobe Reader 7.0.3
http://www.adobe.com/support/downloads/
Adobe Acrobat 7.0
Adobe Adobe Acrobat 7.0.3
http://www.adobe.com/support/downloads/
Adobe Acrobat 7.0.1
Adobe Adobe Acrobat 7.0.3
http://www.adobe.com/support/downloads/
Adobe Acrobat Reader 7.0.1
Adobe Adobe Reader 7.0.3
http://www.adobe.com/support/downloads/
Adobe Acrobat Reader 7.0.2
Adobe Adobe Reader 7.0.3
http://www.adobe.com/support/downloads/
Adobe Acrobat 7.0.2
Adobe Adobe Acrobat 7.0.3
http://www.adobe.com/support/downloads/
S.u.S.E. Linux Professional 9.3
S.u.S.E. acroread-7.0.1-2.1.i586.rpm
S.u.S.E. Linux 9.3:
ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/acroread-7.0.1-2. 1.i586.rpm
参考网址
来源: US-CERT
名称: VU#896220
链接:http://www.kb.cert.org/vuls/id/896220
来源: www.adobe.com
链接:http://www.adobe.com/support/techdocs/321644.HTML
来源: XF
名称: adobe-acrobat-reader-plugin-bo(21860)
链接:http://xforce.iss.net/xforce/xfdb/21860
来源: BID
名称: 14603
链接:http://www.securityfocus.com/bid/14603
来源: REDHAT
名称: RHSA-2005:750
链接:http://www.redhat.com/support/errata/RHSA-2005-750.HTML
来源: SUSE
名称: SUSE-SR:2005:019
链接:http://www.novell.com/linux/security/advisories/2005_19_sr.HTML
来源: GENTOO
名称: GLSA-200508-11
链接:http://www.gentoo.org/security/en/glsa/glsa-200508-11.xml
来源: VUPEN
名称: ADV-2005-1434
链接:http://www.frsirt.com/english/advisories/2005/1434
来源: SECTRACK
名称: 1014712
链接:http://securitytracker.com/id?1014712
来源: SECUNIA
名称: 16466
链接:http://secunia.com/advisories/16466
受影响实体
- Adobe Acrobat:7.0.2
- Adobe Acrobat_reader:5.1
- Adobe Acrobat_reader:6.0
- Adobe Acrobat_reader:6.0.1
- Adobe Acrobat_reader:6.0.2
补丁
暂无
![weinxin](http://zone.ci/zone_ci_images/zone.ci.png)
评论