Lucene search
BinaryproofZDI-11-302HistoryOct 26, 2011 - 12:00 a.m.
Adobe Reader U3D TIFF Resource Buffer Overflow Remote Code Execution Vulnerability
2011-10-2600:00:00
binaryproof
www.zerodayinitiative.com
26
0.354 Low
EPSS
Percentile
97.2%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader X. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within because Adobe Reader X includes an old version of libtiff. Adobe can be tricked in using this library by parsing a specially crafted PDF file containing U3D data. Due to the old version of libtiff Adobe Reader is vulnerable to the issue described in CVE-2006-3459 which can be leveraged to execute remote code under the context of the user running the application.
Related
securityvulns
securityvulns
ZDI-11-302 : Adobe Reader U3D TIFF Resource Buffer Overflow Remote Code Execution Vulnerability
2011-10-31 00:00:00
[ MDKSA-2006:137 ] - Updated libtiff packages fix multiple vulnerabilities
2006-08-02 00:00:00
Security updates available for Adobe Reader and Acrobat
2011-09-16 00:00:00
checkpoint_advisories
checkpoint_advisories
Adobe PDF File TIFF Buffer Overflow (APSB11-24; CVE-2011-2432)
2011-09-20 00:00:00
cvelist
cvelist
CVE-2011-2432
2011-09-15 10:00:00
CVE-2006-3459
2006-08-03 01:00:00
veracode
veracode
Arbitrary Code Execution
2020-04-10 00:11:51
cve
cve
CVE-2006-3459
2006-08-03 01:04:00
CVE-2011-2432
2011-09-15 12:26:49
debiancve
debiancve
CVE-2006-3459
2006-08-03 01:04:00
nvd
nvd
CVE-2011-2432
2011-09-15 12:26:49
CVE-2006-3459
2006-08-03 01:04:00
prion
prion
Buffer overflow
2011-09-15 12:26:00
ubuntucve
ubuntucve
CVE-2006-3459
2006-08-03 00:00:00
CVE-2011-2432
2011-09-15 00:00:00
seebug
seebug
Adobe Acrobat和Reader U3D Tiff远程缓冲区溢出漏洞
2011-10-27 00:00:00
Adobe Reader和Acrobat TIFF图像处理缓冲区溢出漏洞
2010-02-20 00:00:00
Libtiff图形库多个安全漏洞
2006-11-04 00:00:00
gentoo
gentoo
libTIFF: Multiple vulnerabilities
2006-08-04 00:00:00
Adobe Reader: Multiple vulnerabilities
2012-01-30 00:00:00
openvas
openvas
Debian Security Advisory DSA 1137-1 (tiff)
2008-01-17 00:00:00
Debian: Security Advisory (DSA-1137-1)
2008-01-17 00:00:00
Slackware Advisory SSA:2006-230-01 libtiff
2012-09-11 00:00:00
debian
debian
[SECURITY] [DSA 1137-1] New tiff packages fix several vulnerabilities
2006-08-02 18:28:12
nessus
nessus
GLSA-200608-07 : libTIFF: Multiple vulnerabilities
2006-08-07 00:00:00
Ubuntu 5.04 / 5.10 / 6.06 LTS : tiff vulnerabilities (USN-330-1)
2007-11-10 00:00:00
suse
suse
possible remote code execution in libtiff
2006-08-01 16:39:12
Security update for Acrobat Reader (critical)
2011-11-15 00:08:44
remote code execution in acroread
2011-11-21 11:41:08
slackware
slackware
[slackware-security] libtiff
2006-08-18 08:00:57
osv
osv
tiff - several vulnerabilities
2006-08-02 00:00:00
ubuntu
ubuntu
tiff vulnerabilities
2006-08-03 00:00:00
centos
centos
libtiff security update
2006-08-04 19:40:44
libtiff security update
2006-08-03 03:41:45
kdegraphics security update
2006-08-28 13:40:53
redhat
redhat
(RHSA-2006:0603) libtiff security update
2006-08-02 00:00:00
(RHSA-2006:0648) kdegraphics security update
2006-08-28 00:00:00
(RHSA-2011:1434) Critical: acroread security update
2011-11-08 00:00:00
freebsd
freebsd
acroread9 -- Multiple Vulnerabilities
2011-12-07 00:00:00