Overview
- Description
- The uudecoding feature in Adobe Acrobat Reader 5.0.5 and 5.0.6 for Unix and Linux, and possibly other versions including those before 5.0.9, allows remote attackers to execute arbitrary code via shell metacharacters ("`" or backtick) in the filename of the PDF file that is provided to the uudecode command.
- Source
- cve@mitre.org
- NVD status
- Modified
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 10
- Impact score
- 10
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- NVD-CWE-Other
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:5.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5F0FCA2F-FD7F-4CE5-9D45-324A7EC45105"
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:5.0.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EF7EAA22-CED2-4379-9465-9562BACB1C20"
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:5.0.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "35B1CA6B-600C-4E03-B4D5-3D7E1BC4D0F9"
}
],
"operator": "OR"
}
]
}
]