Description
The Adobe PDF specification 1.3, as implemented by Adobe Acrobat before 8.0.0, allows remote attackers to have an unknown impact, possibly including denial of service (infinite loop), arbitrary code execution, or memory corruption, via a PDF file with a (1) crafted catalog dictionary or (2) a crafted Pages attribute that references an invalid page tree node.
Exploits (1)
References (8)
Core 8
Core References
US Government Resource third-party-advisory
x_refsource_cert
http://www.us-cert.gov/cas/techalerts/TA07-072A.html
Vendor Advisory x_refsource_confirm
http://docs.info.apple.com/article.html?artnum=305214
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/31364
Exploit vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/21910
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id?1017749
Various Sources x_refsource_misc
http://projects.info-pull.com/moab/MOAB-06-01-2007.html
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2007/0930
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/24479
Scores
EPSS
0.3410
EPSS Percentile
97.0%
Details
CWE
CWE-20
Status
published
Products (1)
adobe/acrobat_reader
< 7.0.8
Published
Jan 09, 2007
Tracked Since
Feb 18, 2026