Intrusion Prevention

Adobe.Acrobat.AcroPDF.DLL.Remote.DoS

Description

This indicates an attempt to exploit a Denial of Service vulnerability in Adobe Acrobat Reader.
The vulnerability is a result of memory corruption errors in the AcroPDF ActiveX control (AcroPDF.dll). It does not properly handle malformed arguments passed to the "setPageMode()", "setLayoutMode()", "setNamedDest()" and "LoadFile()" methods. The vulnerability can be exploited by remote attackers to execute arbitrary commands by tricking a user into visiting a specially crafted web page with Internet Explorer.

Affected Products

Adobe Acrobat Standard 7.0.8
Adobe Acrobat Standard 7.0.7
Adobe Acrobat Standard 7.0.6
Adobe Acrobat Standard 7.0.5
Adobe Acrobat Standard 7.0.4
Adobe Acrobat Standard 7.0.3
Adobe Acrobat Standard 7.0.2
Adobe Acrobat Standard 7.0.1
Adobe Acrobat Standard 7.0
Adobe Acrobat Reader 7.0.8
Adobe Acrobat Reader 7.0.7
Adobe Acrobat Reader 7.0.6
Adobe Acrobat Reader 7.0.5
Adobe Acrobat Reader 7.0.4
Adobe Acrobat Reader 7.0.3
Adobe Acrobat Reader 7.0.2
Adobe Acrobat Reader 7.0.1
Adobe Acrobat Reader 7.0
Adobe Acrobat Professional 7.0.8
Adobe Acrobat Professional 7.0.7
Adobe Acrobat Professional 7.0.6
Adobe Acrobat Professional 7.0.5
Adobe Acrobat Professional 7.0.4
Adobe Acrobat Professional 7.0.3
Adobe Acrobat Professional 7.0.2
Adobe Acrobat Professional 7.0.1
Adobe Acrobat Professional 7.0

Impact

System Compromise.
Denial of Service.

Recommended Actions

Refer to Adobe Security Bulletin APSB06-20 for patch, upgrade, and suggested workaround information:
http://www.adobe.com/support/security/bulletins/apsb06-20.html

CVE References

CVE-2006-6236