{"vuid":"VU#25919","idnumber":"25919","name":"Adobe Acrobat ActiveX Control buffer overflow in setview method","keywords":["Adobe Acrobat","ActiveX Control","PDF","PDF.OCX","Buffer Overflow","setview"],"overview":"","clean_desc":"The Adobe Acrobat ActiveX control has a buffer overflow in the setview method. Because the control is marked safe-for-scripting, this vulnerability can be exploited via a web page if the user has the vulnerable control installed. This control is implemtned in the file pdf.ocx and has a ClassID of {CA8A9780-280D-11CF-A24D-444553540000}. The control can also be referenced as PDF.PdfCtrl.1.","impact":"An attacker may exploit the buffer overflow to execute arbitrary commands on the system running the vulnerable control. Because the control is marked safe-for-scripting, an attacker may be able to launch this attack when you visit a web page.","resolution":"Upgrade to a newer version of Adobe Acrobat This problem appears to be limited to version 1.3.188 of Adobe Acrobat and earlier.","workarounds":"","sysaffected":"","thanks":"","author":"This document was written by Cory F Cohen.","public":["h","t","t","p",":","/","/","w","w","w",".","t","i","a","c",".","n","e","t","/","u","s","e","r","s","/","s","m","i","t","h","s","/","a","c","c","t","r","o","j","/","b","u","f","f","o","v","f",".","h","t","m"],"cveids":["CVE-1999-1484"],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2000-08-21T14:37:04Z","publicdate":"1999-09-30T00:00:00Z","datefirstpublished":"2000-11-02T22:07:02Z","dateupdated":"2000-11-02T22:07:04Z","revision":4,"vrda_d1_directreport":"","vrda_d1_population":"","vrda_d1_impact":"","cam_widelyknown":"20","cam_exploitation":"0","cam_internetinfrastructure":"2","cam_population":"15","cam_impact":"17","cam_easeofexploitation":"10","cam_attackeraccessrequired":"16","cam_scorecurrent":"16.83","cam_scorecurrentwidelyknown":"16.83","cam_scorecurrentwidelyknownexploited":"32.13","ipprotocol":"","cvss_accessvector":"","cvss_accesscomplexity":"","cvss_authentication":null,"cvss_confidentialityimpact":"","cvss_integrityimpact":"","cvss_availabilityimpact":"","cvss_exploitablity":null,"cvss_remediationlevel":"","cvss_reportconfidence":"","cvss_collateraldamagepotential":"","cvss_targetdistribution":"","cvss_securityrequirementscr":"","cvss_securityrequirementsir":"","cvss_securityrequirementsar":"","cvss_basescore":"","cvss_basevector":"","cvss_temporalscore":"","cvss_environmentalscore":"","cvss_environmentalvector":"","metric":16.83,"vulnote":null}