Description
Various PDF viewers including (1) Adobe Acrobat 5.06 and (2) Xpdf 1.01 allow remote attackers to execute arbitrary commands via shell metacharacters in an embedded hyperlink.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Martyn Gilmore · textremotelinux
https://www.exploit-db.com/exploits/22771
References (9)
Core 9
Core References
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/9038
Vendor Advisory vendor-advisory
x_refsource_mandrake
http://www.mandriva.com/security/advisories?name=MDKSA-2003:071
US Government Resource third-party-advisory
x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/200132
Mailing List mailing-list
x_refsource_fulldisc
http://lists.grok.org.uk/pipermail/full-disclosure/2003-June/005719.html
Patch, Vendor Advisory vendor-advisory
x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2003-196.html
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/9037
Patch, Vendor Advisory vendor-advisory
x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2003-197.html
Mailing List mailing-list
x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=105777963019186&w=2
Third Party Advisory, VDB Entry vdb-entry
signature
x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A664
Scores
EPSS
0.2551
EPSS Percentile
96.3%
Details
Status
published
Products (12)
adobe/acrobat
5.0.6
mandrakesoft/mandrake_linux
9.0
mandrakesoft/mandrake_linux
9.1
mandrakesoft/mandrake_linux_corporate_server
2.1
redhat/enterprise_linux
2.1 (3 CPE variants)
redhat/linux
7.1
redhat/linux
7.2
redhat/linux
7.3
redhat/linux
8.0
redhat/linux
9.0
... and 2 more
Published
Jul 24, 2003
Tracked Since
Feb 18, 2026