CVE-2005-2470 - OpenCVE

Buffer overflow in a "core application plug-in" for Adobe Reader 5.1 through 7.0.2 and Acrobat 5.0 through 7.0.2 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:N/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Adobe	Acrobat Reader Acrobat

Configuration 1 [-]

OR	cpe:2.3:a:adobe:acrobat:5.0:::::::*
	cpe:2.3:a:adobe:acrobat:5.0.5:::::::*
	cpe:2.3:a:adobe:acrobat:6.0:::::::*
	cpe:2.3:a:adobe:acrobat:6.0.1:::::::*
	cpe:2.3:a:adobe:acrobat:6.0.2:::::::*
	cpe:2.3:a:adobe:acrobat:7.0:::::::*
	cpe:2.3:a:adobe:acrobat:7.0.1:::::::*
	cpe:2.3:a:adobe:acrobat:7.0.2:::::::*
	cpe:2.3:a:adobe:acrobat_reader:5.1:::::::*
	cpe:2.3:a:adobe:acrobat_reader:6.0:::::::*
	cpe:2.3:a:adobe:acrobat_reader:6.0.1:::::::*
	cpe:2.3:a:adobe:acrobat_reader:6.0.2:::::::*
	cpe:2.3:a:adobe:acrobat_reader:6.0.3:::::::*
	cpe:2.3:a:adobe:acrobat_reader:7.0:::::::*
	cpe:2.3:a:adobe:acrobat_reader:7.0.1:::::::*
	cpe:2.3:a:adobe:acrobat_reader:7.0.2:::::::*

References

Link	Resource
http://secunia.com/advisories/16466
http://securitytracker.com/id?1014712
http://www.adobe.com/support/techdocs/321644.html	Patch Vendor Advisory
http://www.gentoo.org/security/en/glsa/glsa-200508-11.xml
http://www.kb.cert.org/vuls/id/896220	US Government Resource
http://www.novell.com/linux/security/advisories/2005_19_sr.html
http://www.redhat.com/support/errata/RHSA-2005-750.html
http://www.securityfocus.com/bid/14603
http://www.vupen.com/english/advisories/2005/1434
https://exchange.xforce.ibmcloud.com/vulnerabilities/21860

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2005-08-16T04:00:00

Updated: 2017-07-10T14:57:01

Reserved: 2005-08-05T00:00:00

Link: CVE-2005-2470

JSON object: View

NVD Information

Status : Modified

Published: 2005-08-16T04:00:00.000

Modified: 2017-07-11T01:32:51.860

Link: CVE-2005-2470

JSON object: View

Redhat Information

No data.

CWE

NVD-CWE-Other

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2005-08-16T00:00:00", "descriptions": [{"lang": "en", "value": "Buffer overflow in a \"core application plug-in\" for Adobe Reader 5.1 through 7.0.2 and Acrobat 5.0 through 7.0.2 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-07-10T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "RHSA-2005:750", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://www.redhat.com/support/errata/RHSA-2005-750.html"}, {"name": "adobe-acrobat-reader-plugin-bo(21860)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21860"}, {"name": "SUSE-SR:2005:019", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://www.novell.com/linux/security/advisories/2005_19_sr.html"}, {"name": "14603", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/14603"}, {"name": "GLSA-200508-11", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "http://www.gentoo.org/security/en/glsa/glsa-200508-11.xml"}, {"name": "1014712", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1014712"}, {"name": "VU#896220", "tags": ["third-party-advisory", "x_refsource_CERT-VN"], "url": "http://www.kb.cert.org/vuls/id/896220"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.adobe.com/support/techdocs/321644.html"}, {"name": "ADV-2005-1434", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2005/1434"}, {"name": "16466", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/16466"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2005-2470", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Buffer overflow in a \"core application plug-in\" for Adobe Reader 5.1 through 7.0.2 and Acrobat 5.0 through 7.0.2 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "RHSA-2005:750", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2005-750.html"}, {"name": "adobe-acrobat-reader-plugin-bo(21860)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21860"}, {"name": "SUSE-SR:2005:019", "refsource": "SUSE", "url": "http://www.novell.com/linux/security/advisories/2005_19_sr.html"}, {"name": "14603", "refsource": "BID", "url": "http://www.securityfocus.com/bid/14603"}, {"name": "GLSA-200508-11", "refsource": "GENTOO", "url": "http://www.gentoo.org/security/en/glsa/glsa-200508-11.xml"}, {"name": "1014712", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1014712"}, {"name": "VU#896220", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/896220"}, {"name": "http://www.adobe.com/support/techdocs/321644.html", "refsource": "CONFIRM", "url": "http://www.adobe.com/support/techdocs/321644.html"}, {"name": "ADV-2005-1434", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2005/1434"}, {"name": "16466", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/16466"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2005-2470", "datePublished": "2005-08-16T04:00:00", "dateReserved": "2005-08-05T00:00:00", "dateUpdated": "2017-07-10T14:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:adobe:acrobat:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "201F059D-33D1-4D9F-9C6F-FC8EB49E4735", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:acrobat:5.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "B025E795-5713-485E-8A15-EBE4451A1A46", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:acrobat:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "183B5940-2310-4D2E-99F0-9792A801A442", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:acrobat:6.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "4F8BB13E-2732-4F9E-A588-EA1C00893C8B", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:acrobat:6.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "E5FCDCBF-597B-439C-8D8B-2819FC70C567", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:acrobat:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "FECFC942-4F04-420C-A9B4-AE0C0590317F", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:acrobat:7.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "F81817F2-1E3A-4A52-88F1-6B614A2A1F0A", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:acrobat:7.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "CFFFFF0D-A80F-4B67-BEE2-86868EF7AA37", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:acrobat_reader:5.1:*:*:*:*:*:*:*", "matchCriteriaId": "ACF742B8-5F7A-487B-835C-756B1BB392F4", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:acrobat_reader:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "C0BB7C0C-B1D6-4733-BA91-022A1A7FB2E2", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:acrobat_reader:6.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "0B131DB8-4B6A-4AF2-8D5E-B5EA1AEBFB3B", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:acrobat_reader:6.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "5B9351C2-16ED-4766-B417-8DB3A8766C2F", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:acrobat_reader:6.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "74667860-0047-40AD-9468-860591BA9D17", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:acrobat_reader:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "6E2D0266-6954-4DBA-9EEE-8BF73B39DD61", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:acrobat_reader:7.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "24262AFA-2EC8-479E-8922-36DB4243E404", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:acrobat_reader:7.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "F1E62096-08B2-4722-A492-11E9A441E85B", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Buffer overflow in a \"core application plug-in\" for Adobe Reader 5.1 through 7.0.2 and Acrobat 5.0 through 7.0.2 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors."}], "id": "CVE-2005-2470", "lastModified": "2017-07-11T01:32:51.860", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": true, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2005-08-16T04:00:00.000", "references": [{"source": "cve@mitre.org", "url": "http://secunia.com/advisories/16466"}, {"source": "cve@mitre.org", "url": "http://securitytracker.com/id?1014712"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.adobe.com/support/techdocs/321644.html"}, {"source": "cve@mitre.org", "url": "http://www.gentoo.org/security/en/glsa/glsa-200508-11.xml"}, {"source": "cve@mitre.org", "tags": ["US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/896220"}, {"source": "cve@mitre.org", "url": "http://www.novell.com/linux/security/advisories/2005_19_sr.html"}, {"source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2005-750.html"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/14603"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2005/1434"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21860"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}