CVE-2007-0103

Adobe Acrobat Reader < 7.0.8 - Remote Code Execution via Crafted PDF Catalog Dictionary

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-0103. PoCs published by LMH.

AI-analyzed exploit summary The provided content is a vulnerability description for CVE-2007-0103, detailing multiple buffer overflow vulnerabilities in various PDF readers. It lacks actual exploit code but references a binary exploit (29399.pdf) hosted externally.

Description

The Adobe PDF specification 1.3, as implemented by Adobe Acrobat before 8.0.0, allows remote attackers to have an unknown impact, possibly including denial of service (infinite loop), arbitrary code execution, or memory corruption, via a PDF file with a (1) crafted catalog dictionary or (2) a crafted Pages attribute that references an invalid page tree node.

Exploits (1)

exploitdb WRITEUP VERIFIED

by LMH · textdoslinux

https://www.exploit-db.com/exploits/29399

View Code ZIP pw:eip

The provided content is a vulnerability description for CVE-2007-0103, detailing multiple buffer overflow vulnerabilities in various PDF readers. It lacks actual exploit code but references a binary exploit (29399.pdf) hosted externally.

Classification

Writeup 90%

Attack Type

Rce

Complexity

Moderate

Reliability

Theoretical

Target: Multiple PDF readers (versions unspecified)

No auth needed

Prerequisites: Victim must open a maliciously crafted PDF file

MITRE ATT&CK