Описание
Double free vulnerability in the Adobe Acrobat Reader Plugin before 8.0.0, as used in Mozilla Firefox 1.5.0.7, allows remote attackers to execute arbitrary code by causing an error via a javascript: URI call to document.write in the (1) FDF, (2) XML, or (3) XFDF AJAX request parameters.
Double free vulnerability in the Adobe Acrobat Reader Plugin before 8.0.0, as used in Mozilla Firefox 1.5.0.7, allows remote attackers to execute arbitrary code by causing an error via a javascript: URI call to document.write in the (1) FDF, (2) XML, or (3) XFDF AJAX request parameters.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2007-0046
- https://exchange.xforce.ibmcloud.com/vulnerabilities/31272
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9684
- https://rhn.redhat.com/errata/RHSA-2007-0017.html
- http://events.ccc.de/congress/2006/Fahrplan/attachments/1158-Subverting_Ajax.pdf
- http://lists.suse.com/archive/suse-security-announce/2007-Jan/0012.html
- http://secunia.com/advisories/23691
- http://secunia.com/advisories/23812
- http://secunia.com/advisories/23877
- http://secunia.com/advisories/23882
- http://secunia.com/advisories/24533
- http://security.gentoo.org/glsa/glsa-200701-16.xml
- http://securityreason.com/securityalert/2090
- http://securitytracker.com/id?1017469
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-102847-1
- http://www.adobe.com/support/security/bulletins/apsb07-01.html
- http://www.redhat.com/support/errata/RHSA-2007-0021.html
- http://www.securityfocus.com/archive/1/455801/100/0/threaded
- http://www.vupen.com/english/advisories/2007/0032
- http://www.vupen.com/english/advisories/2007/0957
- http://www.wisec.it/vulns.php?page=9
EPSS
CVE ID
Связанные уязвимости
Double free vulnerability in the Adobe Acrobat Reader Plugin before 8.0.0, as used in Mozilla Firefox 1.5.0.7, allows remote attackers to execute arbitrary code by causing an error via a javascript: URI call to document.write in the (1) FDF, (2) XML, or (3) XFDF AJAX request parameters.
Double free vulnerability in the Adobe Acrobat Reader Plugin before 8.0.0, as used in Mozilla Firefox 1.5.0.7, allows remote attackers to execute arbitrary code by causing an error via a javascript: URI call to document.write in the (1) FDF, (2) XML, or (3) XFDF AJAX request parameters.
Double free vulnerability in the Adobe Acrobat Reader Plugin before 8.0.0, as used in Mozilla Firefox 1.5.0.7, allows remote attackers to execute arbitrary code by causing an error via a javascript: URI call to document.write in the (1) FDF, (2) XML, or (3) XFDF AJAX request parameters.
EPSS