SMTP: Adobe Acrobat "uudecode()" File Execution
This signature detects a maliciously crafted PDF file attached to an e-mail. Attackers can insert certain shell metacharacters at the beginning of a uuencoded PDF file to force Adobe Acrobat to execute arbitrary commands upon loading the file.
Extended Description
A remote code execution vulnerability is identified in Adobe Acrobat Reader. This issue may allow an attacker gain unauthorized access to a vulnerable computer. Acrobat Reader is affected by a shell metacharacter command execution vulnerability. This issue exists due to insufficient sanitization of user-supplied data by Acrobat Reader for Unix and Linux platforms. Successful exploitation can allow an attacker to use a specially crafted file name to execute arbitrary commands and applications through the shell. Adobe Acrobat Reader version 5.0 for Unix and Linux platforms is reported vulnerable to this issue. Acrobat Reader for Microsoft Windows platforms is not affected by this issue.
Affected Products
Suse linux_personal
Short Name
SMTP:MAL:ACROBAT-UUEXEC
Severity
Major
Recommended
False
Recommended Action
None
Category
SMTP
Keywords
"uudecode()" Acrobat Adobe CVE-2004-0631 Execution File bid:10931
Release Date
11/09/2004
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3724
False Positive
Unknown
Vendors
Suse
Adobe
CVSS Score
10.0