HTTP: Adobe Download Manager AOM File Section Name Buffer Overflow
This signature detects attempts to exploit a known vulnerability against Adobe Download Manger. An attacker can create malicious Web pages containing dangerous AOM File sections known to be used by Adobe products to update existing software. If these sections are accessed by a victim, the attacker can gain control of the client system.
Extended Description
Adobe Download Manager is affected by a remote buffer-overflow vulnerability. An attacker can exploit this issue by crafting a malicious AOM file and enticing a user to view a webpage containing the file. A successful attack may result in arbitrary code execution. This issue affects Adobe Download Manager 2.1 and prior versions.
Affected Products
Adobe download_manager
References
BugTraq: 21453
CVE: CVE-2006-5856
URL: http://research.eeye.com/html/advisories/published/AD20061205.html
Short Name
HTTP:STC:ADOBE:DLMGR-AOM-OF
Severity
Minor
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
AOM Adobe Buffer CVE-2006-5856 Download File Manager Name Overflow Section bid:21453
Release Date
12/11/2006
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Unknown
Vendors
Adobe
CVSS Score
6.8