CVE-2007-5020
EXPLOITEDAdobe Acrobat and Reader 8.1 - Remote Code Execution via Crafted PDF File
Title source: llmExploitation Summary
CVE-2007-5020 has been observed exploited in the wild (reported by VulnCheck KEV).
Description
Unspecified vulnerability in Adobe Acrobat and Reader 8.1 on Windows allows remote attackers to execute arbitrary code via a crafted PDF file, related to the mailto: option and Internet Explorer 7 on Windows XP. NOTE: this information is based upon a vague pre-advisory by a reliable researcher.
References (8)
Core 8
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/36722
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/480080/100/0/threaded
Vendor Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2007/3392
Various Sources x_refsource_misc
http://www.gnucitizen.org/blog/0day-pdf-pwns-windows
US Government Resource third-party-advisory
x_refsource_cert
http://www.us-cert.gov/cas/techalerts/TA07-297B.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id?1018723
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/25748
Vendor Advisory x_refsource_confirm
http://www.adobe.com/support/security/advisories/apsa07-04.html
Scores
EPSS
0.2097
EPSS Percentile
97.3%
Details
VulnCheck KEV
2007-10-26
CWE
CWE-94
Status
published
Products (2)
adobe/acrobat
8.1
adobe/acrobat_reader
8.1
Published
Sep 21, 2007
Tracked Since
Feb 18, 2026