Описание
The Adobe Reader control in Adobe Reader and Acrobat 7.0 and 7.0.1 allows remote attackers to determine the existence of files via Javascript containing XML script, aka the "XML External Entity vulnerability."
Ссылки
- Broken LinkPatchVendor Advisory
- Broken LinkExploitPatchThird Party AdvisoryVDB EntryVendor Advisory
- Broken LinkPatchVendor Advisory
- Broken LinkExploitPatchThird Party AdvisoryVDB EntryVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:adobe:acrobat:7.0:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat:7.0.1:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat_reader:7.0:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat_reader:7.0.1:*:*:*:*:*:*:*
EPSS
Процентиль: 95%
0.16058
Средний
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-611
Связанные уязвимости
CVSS3: 7.5
github
почти 4 года назад
The Adobe Reader control in Adobe Reader and Acrobat 7.0 and 7.0.1 allows remote attackers to determine the existence of files via Javascript containing XML script, aka the "XML External Entity vulnerability."
EPSS
Процентиль: 95%
0.16058
Средний
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-611