Adobe PageMaker key strings buffer overflow

2008-11-10T00:00:00
ID SAINT:27FAADC5E3CEBFD2C7FE31A20B91096F
Type saint
Reporter SAINT Corporation
Modified 2008-11-10T00:00:00

Description

Added: 11/10/2008
CVE: CVE-2007-6432
BID: 31999
OSVDB: 50055

Background

Adobe PageMaker is page layout software.

Problem

A buffer overflow vulnerability in **AldFs32.dll** allows command execution when a user opens a specially crafted PMD file.

Resolution

See the solution referenced in APSA08-10.

References

<http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=749>

Limitations

Exploit works on Adobe PageMaker 7.0.1 and requires a user to open the exploit file in Adobe PageMaker.

Platforms

Windows