{ "id": "CVE-2006-3452", "sourceIdentifier": "cve@mitre.org", "published": "2006-07-12T22:05:00.000", "lastModified": "2024-11-21T00:13:38.670", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Reader and Acrobat 6.0.4 and earlier, on Mac OSX, has insecure file and directory permissions, which allows local users to gain privileges by overwriting program files." }, { "lang": "es", "value": "Adobe Reader y Acrobat 6.0.4 y anteriores en Mac OSX, tiene un archivo y permisos de directorio inseguros, lo que permite a usuarios locales obtener privilegios sobrescribiendo archivos de programa." } ], "metrics": { "cvssMetricV2": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "2.0", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "baseScore": 4.6, "accessVector": "LOCAL", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "availabilityImpact": "PARTIAL" }, "baseSeverity": "MEDIUM", "exploitabilityScore": 3.9, "impactScore": 6.4, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": true, "obtainOtherPrivilege": false, "userInteractionRequired": false } ] }, "weaknesses": [ { "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ] } ], "configurations": [ { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:a:adobe:acrobat:*:*:mac_os_x:*:*:*:*:*", "versionEndIncluding": "6.0.4", "matchCriteriaId": "094C5CA3-3A53-4FBB-A3B0-AAACFB483798" }, { "vulnerable": true, "criteria": "cpe:2.3:a:adobe:acrobat:3.0:*:mac_os_x:*:*:*:*:*", "matchCriteriaId": "CFE305BD-C0A6-446F-B024-F863D18E7118" }, { "vulnerable": true, "criteria": "cpe:2.3:a:adobe:acrobat:3.1:*:mac_os_x:*:*:*:*:*", "matchCriteriaId": "BFBD3E27-47F7-47B2-AB79-3412E0C5CFAD" }, { "vulnerable": true, "criteria": "cpe:2.3:a:adobe:acrobat:4.0:*:mac_os_x:*:*:*:*:*", "matchCriteriaId": "D07FEC05-6428-494D-9D06-3F32E9A888D0" }, { "vulnerable": true, "criteria": "cpe:2.3:a:adobe:acrobat:4.0.5:*:mac_os_x:*:*:*:*:*", "matchCriteriaId": "91822723-E6A1-4BDD-B5DE-EC74EBBBA757" }, { "vulnerable": true, "criteria": "cpe:2.3:a:adobe:acrobat:4.0.5a:*:mac_os_x:*:*:*:*:*", "matchCriteriaId": "50EAFD44-E165-4CDE-8E91-89FEE7B76380" }, { "vulnerable": true, "criteria": "cpe:2.3:a:adobe:acrobat:4.0.5c:*:mac_os_x:*:*:*:*:*", "matchCriteriaId": "CBE1AA7A-3ECA-4562-8352-2BE7BC198165" }, { "vulnerable": true, "criteria": "cpe:2.3:a:adobe:acrobat:5.0:*:mac_os_x:*:*:*:*:*", "matchCriteriaId": "D86D2131-3847-4FCE-95DC-1DD7E27EEDF3" }, { "vulnerable": true, "criteria": "cpe:2.3:a:adobe:acrobat:5.0.5:*:mac_os_x:*:*:*:*:*", "matchCriteriaId": "1BF315DE-ADB4-41C2-B751-CE1D85BD7C7C" }, { "vulnerable": true, "criteria": "cpe:2.3:a:adobe:acrobat:5.0.10:*:mac_os_x:*:*:*:*:*", "matchCriteriaId": "39BB7A9A-DD1D-496D-BD5A-9838BF89ADD6" }, { "vulnerable": true, "criteria": "cpe:2.3:a:adobe:acrobat:6.0:*:mac_os_x:*:*:*:*:*", "matchCriteriaId": "8C6B978A-2D9B-442E-87FC-07401356C662" }, { "vulnerable": true, "criteria": "cpe:2.3:a:adobe:acrobat:6.0.1:*:mac_os_x:*:*:*:*:*", "matchCriteriaId": "B22A936C-A184-426C-A35A-BAAE7A1798C1" }, { "vulnerable": true, "criteria": "cpe:2.3:a:adobe:acrobat:6.0.2:*:mac_os_x:*:*:*:*:*", "matchCriteriaId": "DBF188C8-9AEB-4090-80C8-12AEEC9A818A" }, { "vulnerable": true, "criteria": "cpe:2.3:a:adobe:acrobat:6.0.3:*:mac_os_x:*:*:*:*:*", "matchCriteriaId": "81BEE82F-FA1F-4CD4-95CC-CFB2F26ABB0A" }, { "vulnerable": true, "criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:for_mac_os_x:*:*:*:*:*", "versionEndIncluding": "6.0.4", "matchCriteriaId": "513E7A9E-EBB9-443C-A20C-0C7295B8023F" }, { "vulnerable": true, "criteria": "cpe:2.3:a:adobe:acrobat_reader:3.0:*:mac_os_x:*:*:*:*:*", "matchCriteriaId": "83F48E77-3ACA-4996-9662-7A7F304253DD" }, { "vulnerable": true, "criteria": "cpe:2.3:a:adobe:acrobat_reader:4.0:*:for_mac_os_x:*:*:*:*:*", "matchCriteriaId": "22FD4844-D304-4F90-8BB1-BF6634C7B9F7" }, { "vulnerable": true, "criteria": "cpe:2.3:a:adobe:acrobat_reader:4.0.5:*:mac_os_x:*:*:*:*:*", "matchCriteriaId": "F7E6B88A-8039-44E8-ADCF-55605D6B0861" }, { "vulnerable": true, "criteria": "cpe:2.3:a:adobe:acrobat_reader:4.0.5a:*:mac_os_x:*:*:*:*:*", "matchCriteriaId": "642DCA9D-41C8-438B-A463-6ADBA9F52184" }, { "vulnerable": true, "criteria": "cpe:2.3:a:adobe:acrobat_reader:4.0.5c:*:mac_os_x:*:*:*:*:*", "matchCriteriaId": "B4FFFB1C-3FC1-41D8-BBAB-BAC8090344EC" }, { "vulnerable": true, "criteria": "cpe:2.3:a:adobe:acrobat_reader:5.0:*:for_mac_os_x:*:*:*:*:*", "matchCriteriaId": "B67896FB-2722-4A9E-8957-09F3AEBC3CC8" }, { "vulnerable": true, "criteria": "cpe:2.3:a:adobe:acrobat_reader:5.0.5:*:for_mac_os_x:*:*:*:*:*", "matchCriteriaId": "5166180B-7499-469C-83EF-A07E4BA785FA" }, { "vulnerable": true, "criteria": "cpe:2.3:a:adobe:acrobat_reader:5.0.10:*:mac_os_x:*:*:*:*:*", "matchCriteriaId": "2661711B-22F9-4793-9AEC-C369D664EF0E" }, { "vulnerable": true, "criteria": "cpe:2.3:a:adobe:acrobat_reader:5.1:*:for_mac_os_x:*:*:*:*:*", "matchCriteriaId": "7A86FD0B-0B14-4424-9073-E4B0AF5DBB9F" }, { "vulnerable": true, "criteria": "cpe:2.3:a:adobe:acrobat_reader:6.0:*:for_mac_os_x:*:*:*:*:*", "matchCriteriaId": "3D340FEB-E80D-4FE0-937F-A0998CF27370" }, { "vulnerable": true, "criteria": "cpe:2.3:a:adobe:acrobat_reader:6.0.1:*:for_mac_os_x:*:*:*:*:*", "matchCriteriaId": "EA35B0B4-E4EA-4799-880E-6872B04F6CA5" }, { "vulnerable": true, "criteria": "cpe:2.3:a:adobe:acrobat_reader:6.0.2:*:for_mac_os_x:*:*:*:*:*", "matchCriteriaId": "1EC84245-B9AE-42B1-A1F2-3EBB69F7B59D" }, { "vulnerable": true, "criteria": "cpe:2.3:a:adobe:acrobat_reader:6.0.3:*:for_mac_os_x:*:*:*:*:*", "matchCriteriaId": "FB1E657F-8DB5-4A4E-A789-93C6927A0776" } ] } ] } ], "references": [ { "url": "http://secunia.com/advisories/21016", "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ] }, { "url": "http://securitytracker.com/id?1016473", "source": "cve@mitre.org" }, { "url": "http://www.adobe.com/support/security/bulletins/apsb06-08.html", "source": "cve@mitre.org", "tags": [ "Patch" ] }, { "url": "http://www.osvdb.org/27157", "source": "cve@mitre.org" }, { "url": "http://www.securityfocus.com/bid/18945", "source": "cve@mitre.org", "tags": [ "Patch" ] }, { "url": "http://www.vupen.com/english/advisories/2006/2758", "source": "cve@mitre.org" }, { "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27678", "source": "cve@mitre.org" }, { "url": "http://secunia.com/advisories/21016", "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ] }, { "url": "http://securitytracker.com/id?1016473", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "http://www.adobe.com/support/security/bulletins/apsb06-08.html", "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ] }, { "url": "http://www.osvdb.org/27157", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "http://www.securityfocus.com/bid/18945", "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ] }, { "url": "http://www.vupen.com/english/advisories/2006/2758", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27678", "source": "af854a3a-2127-422b-91ae-364da2661108" } ], "evaluatorSolution": "This vulnerability only exists in multi-user environments.\r\nThis vulnerability is addressed in the following product releases:\r\nAdobe, Acrobat Reader, 6.0.5 for Mac OSX\r\nAdobe, Acrobat, 6.0.5 for Mac OSX" }