Adobe Reader and Acrobat 6.0.4 and earlier, on Mac OSX, has insecure file and directory permissions, which allows local users to gain privileges by overwriting program files.

No CVSS v3.1

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:L/AC:L/Au:N/C:P/I:P/A:P
Vendors Products
Adobe
  • Acrobat Reader
  • Acrobat

Configuration 1 [-]

OR cpe:2.3:a:adobe:acrobat:*:*:mac_os_x:*:*:*:*:*
cpe:2.3:a:adobe:acrobat:3.0:*:mac_os_x:*:*:*:*:*
cpe:2.3:a:adobe:acrobat:3.1:*:mac_os_x:*:*:*:*:*
cpe:2.3:a:adobe:acrobat:4.0:*:mac_os_x:*:*:*:*:*
cpe:2.3:a:adobe:acrobat:4.0.5:*:mac_os_x:*:*:*:*:*
cpe:2.3:a:adobe:acrobat:4.0.5a:*:mac_os_x:*:*:*:*:*
cpe:2.3:a:adobe:acrobat:4.0.5c:*:mac_os_x:*:*:*:*:*
cpe:2.3:a:adobe:acrobat:5.0:*:mac_os_x:*:*:*:*:*
cpe:2.3:a:adobe:acrobat:5.0.5:*:mac_os_x:*:*:*:*:*
cpe:2.3:a:adobe:acrobat:5.0.10:*:mac_os_x:*:*:*:*:*
cpe:2.3:a:adobe:acrobat:6.0:*:mac_os_x:*:*:*:*:*
cpe:2.3:a:adobe:acrobat:6.0.1:*:mac_os_x:*:*:*:*:*
cpe:2.3:a:adobe:acrobat:6.0.2:*:mac_os_x:*:*:*:*:*
cpe:2.3:a:adobe:acrobat:6.0.3:*:mac_os_x:*:*:*:*:*
cpe:2.3:a:adobe:acrobat_reader:*:*:for_mac_os_x:*:*:*:*:*
cpe:2.3:a:adobe:acrobat_reader:3.0:*:mac_os_x:*:*:*:*:*
cpe:2.3:a:adobe:acrobat_reader:4.0:*:for_mac_os_x:*:*:*:*:*
cpe:2.3:a:adobe:acrobat_reader:4.0.5:*:mac_os_x:*:*:*:*:*
cpe:2.3:a:adobe:acrobat_reader:4.0.5a:*:mac_os_x:*:*:*:*:*
cpe:2.3:a:adobe:acrobat_reader:4.0.5c:*:mac_os_x:*:*:*:*:*
cpe:2.3:a:adobe:acrobat_reader:5.0:*:for_mac_os_x:*:*:*:*:*
cpe:2.3:a:adobe:acrobat_reader:5.0.5:*:for_mac_os_x:*:*:*:*:*
cpe:2.3:a:adobe:acrobat_reader:5.0.10:*:mac_os_x:*:*:*:*:*
cpe:2.3:a:adobe:acrobat_reader:5.1:*:for_mac_os_x:*:*:*:*:*
cpe:2.3:a:adobe:acrobat_reader:6.0:*:for_mac_os_x:*:*:*:*:*
cpe:2.3:a:adobe:acrobat_reader:6.0.1:*:for_mac_os_x:*:*:*:*:*
cpe:2.3:a:adobe:acrobat_reader:6.0.2:*:for_mac_os_x:*:*:*:*:*
cpe:2.3:a:adobe:acrobat_reader:6.0.3:*:for_mac_os_x:*:*:*:*:*
References
Link Resource
http://secunia.com/advisories/21016 Patch Vendor Advisory
http://securitytracker.com/id?1016473
http://www.adobe.com/support/security/bulletins/apsb06-08.html Patch
http://www.osvdb.org/27157
http://www.securityfocus.com/bid/18945 Patch
http://www.vupen.com/english/advisories/2006/2758
https://exchange.xforce.ibmcloud.com/vulnerabilities/27678
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2006-07-12T22:00:00

Updated: 2017-07-19T15:57:01

Reserved: 2006-07-07T00:00:00

Link: CVE-2006-3452

JSON object: View

cve-icon NVD Information

Status : Modified

Published: 2006-07-12T22:05:00.000

Modified: 2017-07-20T01:32:19.477

Link: CVE-2006-3452

JSON object: View

cve-icon Redhat Information

No data.

CWE