PT-2005-1159 · Microsoft+1 · Internet Explorer+2

Published

2005-04-21

Updated

2011-03-08

CVE-2005-0035

CVSS v2.0

5.1

Medium

Vector

AV:N/AC:H/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Adobe Acrobat and Acrobat Reader versions 7.0 and earlier

Description The issue allows remote attackers to determine the existence of arbitrary files when the Acrobat web control is used with Internet Explorer. This is possible via the LoadFile ActiveX method.

Recommendations For Adobe Acrobat and Acrobat Reader versions 7.0 and earlier, consider disabling the LoadFile ActiveX method as a temporary workaround until a patch is available. Restrict access to the Acrobat web control to minimize the risk of exploitation.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2005-0035

Affected Products

Acrobat Reader

Acrobat

Internet Explorer

PT-2005-1159 · Microsoft+1 · Internet Explorer+2

CVE-2005-0035

Related Identifiers

Affected Products

References · 8