SecPod SCAP Repo, a repository of SCAP Content (CVE, CCE, CPE, CWE, OVAL and XCCDF)

[Forgot Password]

Paid content will be excluded from the download.

Download | Alert*

CVE

CVE-2007-0048

Date: (C)2007-01-03 (M)2023-12-22

Adobe Acrobat Reader Plugin before 8.0.0, and possibly the plugin distributed with Adobe Reader 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2, when used with Internet Explorer, Google Chrome, or Opera, allows remote attackers to cause a denial of service (memory consumption) via a long sequence of # (hash) characters appended to a PDF URL, related to a "cross-site scripting issue."

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 5.0
Exploit Score: 10.0
Impact Score: 2.9

CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: NONE
Integrity: NONE
Availability: PARTIAL

Reference:

SECTRACK-1017469

SECTRACK-1023007

http://www.securityfocus.com/archive/1/455801/100/0/threaded

SUSE-SA:2007:011

adobe-acrobat-character-dos(31273)

http://events.ccc.de/congress/2006/Fahrplan/attachments/1158-Subverting_Ajax.pdf

http://googlechromereleases.blogspot.com/2009/01/stable-beta-update-yahoo-mail-and.html

http://www.adobe.com/support/security/bulletins/apsb07-01.html

http://www.adobe.com/support/security/bulletins/apsb09-15.html

http://www.wisec.it/vulns.php?page=9

oval:org.mitre.oval:def:6348

cpe:/a:adobe:acrobat_reader:6.0
cpe:/a:adobe:acrobat_reader:6.0.2
cpe:/a:adobe:acrobat_reader:6.0.1
cpe:/a:adobe:acrobat_reader:7.0
...

oval:org.secpod.oval:def:36780
oval:org.secpod.oval:def:400086
oval:org.secpod.oval:def:18679
oval:org.secpod.oval:def:18652
...

© SecPod Technologies