ID CVE-2007-0047
Summary CRLF injection vulnerability in Adobe Acrobat Reader Plugin before 8.0.0, when used with the Microsoft.XMLHTTP ActiveX object in Internet Explorer, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the javascript: URI in the (1) FDF, (2) XML, or (3) XFDF AJAX request parameters.
References
Vulnerable Configurations
  • cpe:2.3:a:adobe:acrobat_reader:7.0.8
CVSS
Base: 6.8 (as of 03-01-2007 - 17:10)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
nessus via4
  • NASL family Windows
    NASL id ADOBE_READER_709.NASL
    description The version of Adobe Reader installed on the remote host is earlier than 7.0.9 / 8.0 and is, therefore, reportedly affected by several security issues, including one that can lead to arbitrary code execution when processing a malicious PDF file.
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 24002
    published 2007-01-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=24002
    title Adobe Reader < 6.0.6 / 7.0.9 Multiple Vulnerabilities
  • NASL family SuSE Local Security Checks
    NASL id SUSE_ACROREAD-2506.NASL
    description The Adobe Acrobat Reader has been updated to version 7.0.9. This update also includes following security fixes : CVE-2006-5857: A memory corruption problem was fixed in Adobe Acrobat Reader can potentially lead to code execution. CVE-2007-0044: Universal Cross Site Request Forgery (CSRF) problems were fixed in the Acrobat Reader plugin which could be exploited by remote attackers to conduct CSRF attacks using any site that is providing PDFs. CVE-2007-0045: Cross site scripting problems in the Acrobat Reader plugin were fixed, which could be exploited by remote attackers to conduct XSS attacks against any site that is providing PDFs. CVE-2007-0046: A double free problem in the Acrobat Reader plugin was fixed which could be used by remote attackers to potentially execute arbitrary code. Note that all platforms using Adobe Reader currently have counter measures against such attack where it will just cause a controlled abort(). CVE-2007-0047 and CVE-2007-0048 affect only Microsoft Windows and Internet Explorer.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 27144
    published 2007-10-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=27144
    title openSUSE 10 Security Update : acroread (acroread-2506)
  • NASL family Windows
    NASL id ADOBE_ACROBAT_709.NASL
    description The version of Adobe Acrobat installed on the remote host is earlier than 6.0.6 / 7.0.9 / 8.0 and thus reportedly is affected by several security issues, including one that can lead to arbitrary code execution when processing a malicious PDF file.
    last seen 2019-02-21
    modified 2018-06-27
    plugin id 40798
    published 2009-08-28
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=40798
    title Adobe Acrobat < 6.0.6 / 7.0.9 Multiple Vulnerabilities
  • NASL family Windows
    NASL id ADOBE_PDF_PLUGIN_80.NASL
    description The version of Adobe PDF Plug-In installed on the remote host is earlier than 8.0 / 7.0.9 / 6.0.6 and reportedly fails to properly sanitize input to the 'FDF', 'XML', or 'XFDF' fields used by its 'Open Parameters' feature. By tricking a user into accessing a specially crafted link and depending on the browser with which the plugin is used, a remote attacker may be able to leverage these issues to conduct arbitrary code execution, denial of service, cross-site script forgery, or cross-site scripting attacks against a user on the remote host.
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 23975
    published 2007-01-05
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=23975
    title Adobe PDF Plug-In < 8.0 / 7.0.9 / 6.0.6 Multiple Vulnerabilities (APSB07-01)
refmap via4
misc http://events.ccc.de/congress/2006/Fahrplan/attachments/1158-Subverting_Ajax.pdf
sectrack 1017469
secunia 23882
suse SUSE-SA:2007:011
vupen ADV-2007-0032
xf adobe-acrobat-xmlhttp-response-splitting(31291)
Last major update 07-03-2011 - 21:48
Published 03-01-2007 - 16:28
Last modified 28-07-2017 - 21:29
Back to Top