[Forgot Password]
Login  Register Subscribe

30480

 
 

423868

 
 

253164

 
 

909

 
 

197077

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2007-0046Date: (C)2007-01-03   (M)2023-12-22


Double free vulnerability in the Adobe Acrobat Reader Plugin before 8.0.0, as used in Mozilla Firefox 1.5.0.7, allows remote attackers to execute arbitrary code by causing an error via a javascript: URI call to document.write in the (1) FDF, (2) XML, or (3) XFDF AJAX request parameters.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 7.5
Exploit Score: 10.0
Impact Score: 6.4
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: PARTIAL
  
Reference:
SECTRACK-1017469
SUNALERT-102847
http://www.securityfocus.com/archive/1/455801/100/0/threaded
SREASON-2090
SECUNIA-23691
SECUNIA-23812
SECUNIA-23877
SECUNIA-23882
SECUNIA-24533
ADV-2007-0032
ADV-2007-0957
GLSA-200701-16
RHSA-2007:0017
RHSA-2007:0021
SUSE-SA:2007:011
adobe-acrobat-msvcrt-code-execution(31272)
http://events.ccc.de/congress/2006/Fahrplan/attachments/1158-Subverting_Ajax.pdf
http://www.adobe.com/support/security/bulletins/apsb07-01.html
http://www.wisec.it/vulns.php?page=9
oval:org.mitre.oval:def:9684

CPE    1
cpe:/a:adobe:acrobat_reader

© SecPod Technologies