CVE-2006-6236

Name of the Vulnerable Software and Affected Versions Adobe Reader versions 7.0 through 7.0.8

Description The issue allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long argument string to the src, setPageMode, setLayoutMode, and setNamedDest methods in an AcroPDF ActiveX control.

Recommendations For Adobe Reader versions 7.0 through 7.0.8, consider disabling the AcroPDF ActiveX control as a temporary workaround until a patch is available. Restrict access to the src, setPageMode, setLayoutMode, and setNamedDest methods to minimize the risk of exploitation.