Adobe PageMaker MAIPM6.DLL font name buffer overflow

2007-11-19T00:00:00
ID SAINT:2FDC966579D358D8379521BC1EF5BD3A
Type saint
Reporter SAINT Corporation
Modified 2007-11-19T00:00:00

Description

Added: 11/19/2007
CVE: CVE-2007-5169
BID: 25989
OSVDB: 38067

Background

Adobe PageMaker is page layout software.

Problem

A buffer overflow vulnerability in MAIPM6.DLL allows command execution when a user opens a **.PMD** file containing specially crafted font names.

Resolution

Apply the update referenced in APSB07-15.

References

<http://secunia.com/advisories/27158>

Limitations

Exploit works on Adobe PageMaker 7.0.1 and requires a user to download and open a **.PMD** file.

Platforms

Windows