CVE-2007-0103
Multiple PDF Readers - Multiple Remote Buffer Overflows
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
2Exploited in Wild
-Decision
Descriptions
The Adobe PDF specification 1.3, as implemented by Adobe Acrobat before 8.0.0, allows remote attackers to have an unknown impact, possibly including denial of service (infinite loop), arbitrary code execution, or memory corruption, via a PDF file with a (1) crafted catalog dictionary or (2) a crafted Pages attribute that references an invalid page tree node.
La especificación de Adobe PDF 1.3, como se implementa en Adobe Acrobat anterior a 8.0.0, permite a atacantes remotos tener un impacto desconocido, posiblemente incluyendo denegación de servicio (bucle infinito), ejecución de código de su elección, o corrupción de memoria, mediante un archivo PDF con un (1) diccionario de catálogo manipulado o (2) un atributo Páginas (Pages) manipulado que referencia a un nodo inválido del árbol de páginas.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2007-01-06 First Exploit
- 2007-01-08 CVE Reserved
- 2007-01-09 CVE Published
- 2023-11-12 EPSS Updated
- 2024-08-07 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-20: Improper Input Validation
CAPEC
References (9)
| URL | Tag | Source |
|---|---|---|
| http://docs.info.apple.com/article.html?artnum=305214 | X_refsource_confirm | |
| http://projects.info-pull.com/moab/MOAB-06-01-2007.html | X_refsource_misc | |
| http://secunia.com/advisories/24479 | Third Party Advisory | |
| http://www.securitytracker.com/id?1017749 | Vdb Entry | |
| http://www.us-cert.gov/cas/techalerts/TA07-072A.html | Third Party Advisory | |
| http://www.vupen.com/english/advisories/2007/0930 | Vdb Entry | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/31364 | Vdb Entry |
| URL | Date | SRC |
|---|---|---|
| https://www.exploit-db.com/exploits/29399 | 2007-01-06 | |
| http://www.securityfocus.com/bid/21910 | 2024-08-07 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Adobe Search vendor "Adobe" | Acrobat Reader Search vendor "Adobe" for product "Acrobat Reader" | <= 7.0.8 Search vendor "Adobe" for product "Acrobat Reader" and version " <= 7.0.8" | - |
Affected
| ||||||