CVE-2004-0629

Buffer overflow in the ActiveX component (pdf.ocx) for Adobe Acrobat 5.0.5 and Acrobat Reader, and possibly other versions, allows remote attackers to execute arbitrary code via a URI for a PDF file with a null terminator (%00) followed by a long string.

Published: Sep 28, 2004
Updated: Apr 13, 2023
CVE: CVE-2004-0629
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
adobe / acrobat_reader	5.0	5.0.x
adobe / acrobat_reader	5.0.5	5.0.5.x
adobe / acrobat	5.0	5.0.x
adobe / acrobat	5.0.5	5.0.5.x
adobe / acrobat	6.0.1	6.0.1.x
adobe / acrobat_reader	6.0.1	6.0.1.x
adobe / acrobat_reader	5.1	5.1.x
adobe / acrobat	6.0	6.0.x
adobe / acrobat_reader	6.0	6.0.x
adobe / acrobat_reader	6.0.2	6.0.2.x
adobe / acrobat	6.0.2	6.0.2.x

http://www.adobe.com/support/techdocs/330527.html
http://www.gentoo.org/security/en/glsa/glsa-200408-14.xml
http://www.idefense.com/application/poi/display?id=126&type=vulnerabilities
http://www.securityfocus.com/bid/10947
https://exchange.xforce.ibmcloud.com/vulnerabilities/16998

Vulnerability Database

289,689

CVE-2004-0629