HTTP: Adobe AcroPDF Unsafe ActiveX Control
This signature detects attempts to exploit a known vulnerability in Adobe AcroPDF. An attacker can create a malicious Web site containing Web pages with dangerous ActiveX controls, which if accessed by a victim, allows the attacker to gain control of the victim's client browser.
Extended Description
It is reported that the Adobe Acrobat Reader ActiveX control is prone to information disclosure vulnerability. Reports indicate that the Adobe Acrobat Reader ActiveX control, may be employed to disclose the existence of a target file. Information that is harvested by leveraging this vulnerability may be used to aid in further attacks. This vulnerability is reported to affect Adobe Acrobat Reader version 7.0 and prior versions.
Affected Products
Adobe reader
Short Name
HTTP:STC:CLSID:ACTIVEX:ACROPDF
Severity
Minor
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
AcroPDF ActiveX Adobe CVE-2005-0035 CVE-2006-6027 CVE-2006-6236 CVE-2019-7040 Control Unsafe bid:12989 bid:21338 bid:21813
Release Date
05/09/2005
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Unknown
Vendors
Adobe
CVSS Score
9.3
10.0
5.1