製品・ソフトウェアに関する情報

JVN脆弱性詳細

Mac OS X 上で稼働する Adobe Reader および Acrobat における権限を取得される脆弱性

Title	Mac OS X 上で稼働する Adobe Reader および Acrobat における権限を取得される脆弱性
Summary	Mac OS X 上で稼働する Adobe Reader および Acrobat には、権限を取得される脆弱性が存在します。
Possible impacts	ローカルユーザにより、権限を取得される可能性があります。
Solution	ベンダ情報および参考情報を参照して適切な対策を実施してください。
Publication Date	July 12, 2006, midnight
Registration Date	Dec. 26, 2013, 3:44 p.m.
Last Update	Dec. 26, 2013, 3:44 p.m.

CVSS2.0 : 警告
Score	4.6
Vector	AV:L/AC:L/Au:N/C:P/I:P/A:P

Affected System

アドビシステムズ

Adobe Acrobat 6.0.4 およびそれ以前

Adobe Reader 6.0.4 およびそれ以前

CVE (情報セキュリティ共通脆弱性識別子)

No	Name	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2006-3452	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3452
National Vulnerability Database (NVD)
2	CVE-2006-3452	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-3452

ベンダー情報

No	Name	URL
関連リンク
1	18945	http://www.securityfocus.com/bid/18945
2	21016	http://secunia.com/advisories/21016
3	apsb06-08	http://www.adobe.com/support/security/bulletins/apsb06-08.html

Change Log

No	Changed Details	Date of change
0	[2013年12月26日] 掲載	Feb. 17, 2018, 10:37 a.m.

NVD Vulnerability Information

CVE-2006-3452

Summary	Adobe Reader and Acrobat 6.0.4 and earlier, on Mac OSX, has insecure file and directory permissions, which allows local users to gain privileges by overwriting program files.
Summary	This vulnerability only exists in multi-user environments. This vulnerability is addressed in the following product releases: Adobe, Acrobat Reader, 6.0.5 for Mac OSX Adobe, Acrobat, 6.0.5 for Mac OSX
Publication Date	July 13, 2006, 7:05 a.m.
Registration Date	Jan. 29, 2021, 3:41 p.m.
Last Update	July 20, 2017, 10:32 a.m.

Affected software configurations

Configuration1	or higher	or less	more than	less than
cpe:2.3:a:adobe:acrobat:3.0::mac_os_x:::::
cpe:2.3:a:adobe:acrobat:3.1::mac_os_x:::::
cpe:2.3:a:adobe:acrobat:4.0::mac_os_x:::::
cpe:2.3:a:adobe:acrobat:4.0.5::mac_os_x:::::
cpe:2.3:a:adobe:acrobat:4.0.5a::mac_os_x:::::
cpe:2.3:a:adobe:acrobat:4.0.5c::mac_os_x:::::
cpe:2.3:a:adobe:acrobat:5.0::mac_os_x:::::
cpe:2.3:a:adobe:acrobat:5.0.5::mac_os_x:::::
cpe:2.3:a:adobe:acrobat:5.0.10::mac_os_x:::::
cpe:2.3:a:adobe:acrobat:6.0::mac_os_x:::::
cpe:2.3:a:adobe:acrobat:6.0.1::mac_os_x:::::
cpe:2.3:a:adobe:acrobat:6.0.2::mac_os_x:::::
cpe:2.3:a:adobe:acrobat:6.0.3::mac_os_x:::::
cpe:2.3:a:adobe:acrobat:::mac_os_x:::::*		6.0.4
cpe:2.3:a:adobe:acrobat_reader:3.0::mac_os_x:::::
cpe:2.3:a:adobe:acrobat_reader:4.0::for_mac_os_x:::::
cpe:2.3:a:adobe:acrobat_reader:4.0.5::mac_os_x:::::
cpe:2.3:a:adobe:acrobat_reader:4.0.5a::mac_os_x:::::
cpe:2.3:a:adobe:acrobat_reader:4.0.5c::mac_os_x:::::
cpe:2.3:a:adobe:acrobat_reader:5.0::for_mac_os_x:::::
cpe:2.3:a:adobe:acrobat_reader:5.0.5::for_mac_os_x:::::
cpe:2.3:a:adobe:acrobat_reader:5.0.10::mac_os_x:::::
cpe:2.3:a:adobe:acrobat_reader:5.1::for_mac_os_x:::::
cpe:2.3:a:adobe:acrobat_reader:6.0::for_mac_os_x:::::
cpe:2.3:a:adobe:acrobat_reader:6.0.1::for_mac_os_x:::::
cpe:2.3:a:adobe:acrobat_reader:6.0.2::for_mac_os_x:::::
cpe:2.3:a:adobe:acrobat_reader:6.0.3::for_mac_os_x:::::
cpe:2.3:a:adobe:acrobat_reader:::for_mac_os_x:::::*		6.0.4

Related information, measures and tools

No	URL	refsource	タグ
1	http://secunia.com/advisories/21016	SECUNIA	Patch Vendor Advisory
2	http://securitytracker.com/id?1016473	SECTRACK
3	http://www.adobe.com/support/security/bulletins/apsb06-08.html	CONFIRM	Patch
4	http://www.osvdb.org/27157	OSVDB
5	http://www.securityfocus.com/bid/18945	BID	Patch
6	http://www.vupen.com/english/advisories/2006/2758	VUPEN
7	https://exchange.xforce.ibmcloud.com/vulnerabilities/27678	XF

Common Vulnerabilities List

Configuration1	or higher	or less	more than	less than
cpe:2.3:a:adobe:acrobat:3.0::mac_os_x:::::
cpe:2.3:a:adobe:acrobat:3.1::mac_os_x:::::
cpe:2.3:a:adobe:acrobat:4.0::mac_os_x:::::
cpe:2.3:a:adobe:acrobat:4.0.5::mac_os_x:::::
cpe:2.3:a:adobe:acrobat:4.0.5a::mac_os_x:::::
cpe:2.3:a:adobe:acrobat:4.0.5c::mac_os_x:::::
cpe:2.3:a:adobe:acrobat:5.0::mac_os_x:::::
cpe:2.3:a:adobe:acrobat:5.0.5::mac_os_x:::::
cpe:2.3:a:adobe:acrobat:5.0.10::mac_os_x:::::
cpe:2.3:a:adobe:acrobat:6.0::mac_os_x:::::
cpe:2.3:a:adobe:acrobat:6.0.1::mac_os_x:::::
cpe:2.3:a:adobe:acrobat:6.0.2::mac_os_x:::::
cpe:2.3:a:adobe:acrobat:6.0.3::mac_os_x:::::
cpe:2.3:a:adobe:acrobat:::mac_os_x:::::*		6.0.4
cpe:2.3:a:adobe:acrobat_reader:3.0::mac_os_x:::::
cpe:2.3:a:adobe:acrobat_reader:4.0::for_mac_os_x:::::
cpe:2.3:a:adobe:acrobat_reader:4.0.5::mac_os_x:::::
cpe:2.3:a:adobe:acrobat_reader:4.0.5a::mac_os_x:::::
cpe:2.3:a:adobe:acrobat_reader:4.0.5c::mac_os_x:::::
cpe:2.3:a:adobe:acrobat_reader:5.0::for_mac_os_x:::::
cpe:2.3:a:adobe:acrobat_reader:5.0.5::for_mac_os_x:::::
cpe:2.3:a:adobe:acrobat_reader:5.0.10::mac_os_x:::::
cpe:2.3:a:adobe:acrobat_reader:5.1::for_mac_os_x:::::
cpe:2.3:a:adobe:acrobat_reader:6.0::for_mac_os_x:::::
cpe:2.3:a:adobe:acrobat_reader:6.0.1::for_mac_os_x:::::
cpe:2.3:a:adobe:acrobat_reader:6.0.2::for_mac_os_x:::::
cpe:2.3:a:adobe:acrobat_reader:6.0.3::for_mac_os_x:::::
cpe:2.3:a:adobe:acrobat_reader:::for_mac_os_x:::::*		6.0.4