Adobe Reader < 8.1.1 Crafted PDF File Arbitrary Code Execution

This script is Copyright (C) 2007-2016 Tenable Network Security, Inc.


Synopsis :

The PDF file viewer on the remote Windows host allows execution of
arbitrary code.

Description :

The installation of Adobe Reader on the remote host allows execution
of arbitrary code by means of a specially crafted PDF file with a
malicious 'mailto:' link.

Note that the issue only exists on systems running Windows XP or
Windows 2003 with Internet Explorer 7.0.

See also :

http://www.gnucitizen.org/blog/0day-pdf-pwns-windows
http://www.securityfocus.com/archive/1/archive/1/480080/100/0/threaded
http://www.adobe.com/support/security/bulletins/apsb07-18.html

Solution :

Upgrade to Adobe Reader 8.1.1 or later or disable 'mailto' support as
described in the vendor advisory above.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 7.7
(CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true

Family: Windows

Nessus Plugin ID: 27584 (adobe_reader_811.nasl)

Bugtraq ID: 25748

CVE ID: CVE-2007-5020

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now