>> Adobe Acrobat / Reader DoS and Local File Discovery Vulnerabilities
Title : Adobe Acrobat / Reader DoS and Local File Discovery Vulnerabilities VUPEN ID : VUPEN/ADV-2005-0310 CVE ID : CVE-2005-0035 - CVE-2005-0492 CWE ID : CWE-
Rated as : Low Risk
Remotely Exploitable : Yes Locally Exploitable : Yes Release Date : 2005-04-02
Technical Description
Two vulnerabilities were identified in Adobe Reader and Acrobat, which may be exploited by attackers to cause a denial of service or to discover the existence of local files.
- The first issue is due to an unspecified error when handling an invalid count value in the root page node, which may cause the application to crash.
- The second flaw resides in the Adobe web control and could be exploited (via a malicious web page) to discover the existence of local files by calling the ".LoadFile" method and monitoring its behaviour.
Subscribe to VUPEN VNS and receive real-time e-mail and SMS alerts when new advisories or patches relevant to your systems and network configurations are available.
Feedback If you have additional information or corrections for this security advisory please submit them via our contact form.
