VYPR
← All advisories
Unrated severityNVD Advisory· Published Sep 27, 1999· Updated Apr 16, 2026

CVE-1999-1576

CVE-1999-1576

Description

Buffer overflow in Adobe Acrobat ActiveX control (pdf.ocx) 1.3.188 allows remote code execution via setview method on malicious web pages.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Buffer overflow in Adobe Acrobat ActiveX control (pdf.ocx) 1.3.188 allows remote code execution via setview method on malicious web pages.

Vulnerability

Buffer overflow in Adobe Acrobat ActiveX control (pdf.ocx, PDF.PdfCtrl.1) version 1.3.188 (Acrobat Reader 4.0) when handling the setview method. The control is marked safe-for-scripting, allowing exploitation via web pages. [1]

Exploitation

An attacker can host a malicious web page that invokes the vulnerable control's setview method with a crafted argument, triggering the buffer overflow. No authentication or user interaction beyond visiting the page is required. [1]

Impact

Arbitrary code execution in the context of the user running the control. The attacker can execute arbitrary commands, leading to full compromise of the system. [1]

Mitigation

Upgrade to a newer version of Adobe Acrobat. The vulnerable version is 1.3.188 and earlier. No other workarounds are mentioned in the reference. [1]

References
  1. CERT/CC Vulnerability Note VU#25919

AI Insight generated on May 24, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

2
  • Adobe Inc./Acrobat2 versions
    cpe:2.3:a:adobe:acrobat_reader:4.0:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:adobe:acrobat_reader:4.0:*:*:*:*:*:*:*
    • (no CPE)range: 4.0

Patches

0

No patches discovered yet.

Vulnerability mechanics

No source-code context for this CVE — mechanics is only generated when we can read the actual fix diff. Without that, the four sections (root cause, attack vector, affected code, fix) would be speculation rather than analysis.

References

4

News mentions

0

No linked articles in our index yet.