返回 CVE 浏览器

CVE-2004-0630

CRITICAL

10.0

CVSS Severity Score

EPSS Score0.0330%

EPSS Percentile11.93th

Published2004年8月18日

Last Modified2026年4月16日

Vulnerability Description

The uudecoding feature in Adobe Acrobat Reader 5.0.5 and 5.0.6 for Unix and Linux, and possibly other versions including those before 5.0.9, allows remote attackers to execute arbitrary code via shell metacharacters ("`" or backtick) in the filename of the PDF file that is provided to the uudecode command.

Affected Platforms (CPE)

📦

Adobe

Acrobat Reader

= 5.0

📦

Adobe

Acrobat Reader

= 5.0.5

📦

Adobe

Acrobat Reader

= 5.0.6

References & Advisories

🔗 http://security.gentoo.org/glsa/glsa-200408-14.xml

🔗 http://www.adobe.com/support/techdocs/322914.html

🔗 http://www.idefense.com/application/poi/display?id=124&type=vulnerabilities

🔗 http://www.redhat.com/support/errata/RHSA-2004-432.html

🔗 http://www.securityfocus.com/bid/10931

🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/16973

🔗 http://security.gentoo.org/glsa/glsa-200408-14.xml

🔗 http://www.adobe.com/support/techdocs/322914.html

相关漏洞威胁

CVE-2004-115210.0

Buffer overflow in the mailListIsPdf function in Adobe Acrobat Reader 5.09 for Unix allows remote attackers to execute arbitrary c...

CVE-2004-115310.0

Format string vulnerability in Adobe Acrobat Reader 6.0.0 through 6.0.2 allows remote attackers to cause a denial of service (appl...

CVE-2004-063110.0

Buffer overflow in the uudecoding feature for Adobe Acrobat Reader 5.0.5 and 5.0.6 for Unix and Linux, and possibly other versions...

CVE-2013-273010.0

Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allows attackers to exec...