CVE-2003-0508

Adobe Acrobat Reader < 5.0.7 - Remote Code Execution via Long Mailto Link

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2003-0508. PoCs published by Paul Szabo.

AI-analyzed exploit summary This exploit demonstrates a buffer overflow vulnerability in Adobe Acrobat Reader for Unix systems (version 5.0.7) via a maliciously crafted PDF file. The exploit generates a TeX file with an overly long hyperlink, which triggers the overflow in the 'WWWLaunchNetscape' function when processed by Acrobat Reader.

Description

Buffer overflow in the WWWLaunchNetscape function of Adobe Acrobat Reader (acroread) 5.0.7 and earlier allows remote attackers to execute arbitrary code via a .pdf file with a long mailto link.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Paul Szabo · perldoslinux

https://www.exploit-db.com/exploits/22846

View Code ZIP pw:eip

This exploit demonstrates a buffer overflow vulnerability in Adobe Acrobat Reader for Unix systems (version 5.0.7) via a maliciously crafted PDF file. The exploit generates a TeX file with an overly long hyperlink, which triggers the overflow in the 'WWWLaunchNetscape' function when processed by Acrobat Reader.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: Adobe Acrobat Reader for Unix 5.0.7

No auth needed

Prerequisites: Netscape set as the default browser in Acrobat Reader preferences · pdflatex installed to compile the TeX file

MITRE ATT&CK

T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2

Core References

Mailing List mailing-list x_refsource_bugtraq

http://marc.info/?l=bugtraq&m=105785749721291&w=2

Mailing List mailing-list x_refsource_bugtraq

http://marc.info/?l=bugtraq&m=105709569312583&w=2

Scores

EPSS 0.0699

EPSS Percentile 93.3%

Details

Status published

Products (1)

adobe/acrobat_reader < 5.0.7

Published Aug 07, 2003

Tracked Since Feb 18, 2026