CVE-2007-0046

Adobe Acrobat Reader Plugin <8.0.0 - RCE

Title source: llm

Description

Double free vulnerability in the Adobe Acrobat Reader Plugin before 8.0.0, as used in Mozilla Firefox 1.5.0.7, allows remote attackers to execute arbitrary code by causing an error via a javascript: URI call to document.write in the (1) FDF, (2) XML, or (3) XFDF AJAX request parameters.

Exploits (1)

exploitdb WRITEUP VERIFIED

by Stefano Di Paola · textremotewindows

https://www.exploit-db.com/exploits/3084

View Code ZIP pw:eip

References (20)

Core 20

Core References

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/24533

Exploit, Patch x_refsource_misc

http://www.wisec.it/vulns.php?page=9

Vendor Advisory vendor-advisory x_refsource_redhat

http://www.redhat.com/support/errata/RHSA-2007-0021.html

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/23691

Vendor Advisory vendor-advisory x_refsource_redhat

https://rhn.redhat.com/errata/RHSA-2007-0017.html

Various Sources x_refsource_misc

http://events.ccc.de/congress/2006/Fahrplan/attachments/1158-Subverting_Ajax.pdf

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/23882

Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq

http://www.securityfocus.com/archive/1/455801/100/0/threaded

Third Party Advisory vdb-entry x_refsource_vupen

http://www.vupen.com/english/advisories/2007/0032

Third Party Advisory third-party-advisory x_refsource_sreason

http://securityreason.com/securityalert/2090

Various Sources vendor-advisory x_refsource_suse

http://lists.suse.com/archive/suse-security-announce/2007-Jan/0012.html

Vendor Advisory vendor-advisory x_refsource_sunalert

http://sunsolve.sun.com/search/document.do?assetkey=1-26-102847-1

Third Party Advisory vdb-entry x_refsource_vupen

http://www.vupen.com/english/advisories/2007/0957

Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9684

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/23812

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://securitytracker.com/id?1017469

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/23877

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/31272

Various Sources x_refsource_confirm

http://www.adobe.com/support/security/bulletins/apsb07-01.html

Third Party Advisory vendor-advisory x_refsource_gentoo

http://security.gentoo.org/glsa/glsa-200701-16.xml

Scores

EPSS 0.6486

EPSS Percentile 98.5%

Details

Status published

Products (1)

adobe/acrobat_reader < 7.0.8

Published Jan 03, 2007

Tracked Since Feb 18, 2026