CVE-2003-0434
Adobe Acrobat Reader (UNIX) 5.0 6 / Xpdf 0.9x Hyperlinks - Arbitrary Command Execution
Severity Score
7.5
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
1
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Various PDF viewers including (1) Adobe Acrobat 5.06 and (2) Xpdf 1.01 allow remote attackers to execute arbitrary commands via shell metacharacters in an embedded hyperlink.
Varios visores de PDF, incluidos Adobe Acrobat 5.06 y Xpdf 1.01 permiten a atacantes remotos la ejecución arbitraria de comandos mediante metacaracteres de shell en un hipervínculo embebido.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2003-06-13 First Exploit
- 2003-06-16 CVE Reserved
- 2003-06-18 CVE Published
- 2024-08-08 CVE Updated
- 2024-10-26 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
CAPEC
References (12)
| URL | Tag | Source |
|---|---|---|
| http://lists.grok.org.uk/pipermail/full-disclosure/2003-June/005719.html | Mailing List | |
| http://marc.info/?l=bugtraq&m=105777963019186&w=2 | Mailing List | |
| http://secunia.com/advisories/9037 | Third Party Advisory | |
| http://secunia.com/advisories/9038 | Third Party Advisory | |
| http://www.kb.cert.org/vuls/id/200132 | Third Party Advisory |
|
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A664 | Signature |
| URL | Date | SRC |
|---|---|---|
| https://www.exploit-db.com/exploits/22771 | 2003-06-13 |
| URL | Date | SRC |
|---|---|---|
| http://www.redhat.com/support/errata/RHSA-2003-196.html | 2017-10-11 | |
| http://www.redhat.com/support/errata/RHSA-2003-197.html | 2017-10-11 |
| URL | Date | SRC |
|---|---|---|
| http://www.mandriva.com/security/advisories?name=MDKSA-2003:071 | 2017-10-11 | |
| https://access.redhat.com/security/cve/CVE-2003-0434 | 2003-06-30 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1617032 | 2003-06-30 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Adobe Search vendor "Adobe" | Acrobat Search vendor "Adobe" for product "Acrobat" | 5.0.6 Search vendor "Adobe" for product "Acrobat" and version "5.0.6" | - |
Affected
| ||||||
| Xpdf Search vendor "Xpdf" | Xpdf Search vendor "Xpdf" for product "Xpdf" | 1.1 Search vendor "Xpdf" for product "Xpdf" and version "1.1" | - |
Affected
| ||||||
| Mandrakesoft Search vendor "Mandrakesoft" | Mandrake Linux Search vendor "Mandrakesoft" for product "Mandrake Linux" | 9.0 Search vendor "Mandrakesoft" for product "Mandrake Linux" and version "9.0" | - |
Affected
| ||||||
| Mandrakesoft Search vendor "Mandrakesoft" | Mandrake Linux Search vendor "Mandrakesoft" for product "Mandrake Linux" | 9.1 Search vendor "Mandrakesoft" for product "Mandrake Linux" and version "9.1" | - |
Affected
| ||||||
| Mandrakesoft Search vendor "Mandrakesoft" | Mandrake Linux Corporate Server Search vendor "Mandrakesoft" for product "Mandrake Linux Corporate Server" | 2.1 Search vendor "Mandrakesoft" for product "Mandrake Linux Corporate Server" and version "2.1" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Enterprise Linux Search vendor "Redhat" for product "Enterprise Linux" | 2.1 Search vendor "Redhat" for product "Enterprise Linux" and version "2.1" | advanced_server |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Enterprise Linux Search vendor "Redhat" for product "Enterprise Linux" | 2.1 Search vendor "Redhat" for product "Enterprise Linux" and version "2.1" | enterprise_server |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Enterprise Linux Search vendor "Redhat" for product "Enterprise Linux" | 2.1 Search vendor "Redhat" for product "Enterprise Linux" and version "2.1" | workstation |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Linux Search vendor "Redhat" for product "Linux" | 7.1 Search vendor "Redhat" for product "Linux" and version "7.1" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Linux Search vendor "Redhat" for product "Linux" | 7.2 Search vendor "Redhat" for product "Linux" and version "7.2" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Linux Search vendor "Redhat" for product "Linux" | 7.3 Search vendor "Redhat" for product "Linux" and version "7.3" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Linux Search vendor "Redhat" for product "Linux" | 8.0 Search vendor "Redhat" for product "Linux" and version "8.0" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Linux Search vendor "Redhat" for product "Linux" | 9.0 Search vendor "Redhat" for product "Linux" and version "9.0" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Linux Advanced Workstation Search vendor "Redhat" for product "Linux Advanced Workstation" | 2.1 Search vendor "Redhat" for product "Linux Advanced Workstation" and version "2.1" | itanium |
Affected
| ||||||