Lucene search

MitreCVE-2007-0103

HistoryJan 09, 2007 - 12:28 a.m.

CVE-2007-0103

2007-01-0900:28:00

CWE-20

mitre

web.nvd.nist.gov

adobe

pdf

specification

remote attackers

denial of service

arbitrary code execution

crafted catalog dictionary

crafted pages attribute

vulnerability

cve-2007-0103

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

Confidence

Low

EPSS

0.078

Percentile

94.3%

JSON

The Adobe PDF specification 1.3, as implemented by Adobe Acrobat before 8.0.0, allows remote attackers to have an unknown impact, possibly including denial of service (infinite loop), arbitrary code execution, or memory corruption, via a PDF file with a (1) crafted catalog dictionary or (2) a crafted Pages attribute that references an invalid page tree node.

Affected configurations

Nvd

Node

adobeacrobat_readerRange≤7.0.8

VendorProductVersionCPE
adobeacrobat_reader*cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
adobe	acrobat_reader	*	cpe:2.3:a:adobe:acrobat_reader::::::::

References

docs.info.apple.com/article.html?artnum=305214

projects.info-pull.com/moab/MOAB-06-01-2007.html

secunia.com/advisories/24479

www.securityfocus.com/bid/21910

www.securitytracker.com/id?1017749

www.us-cert.gov/cas/techalerts/TA07-072A.html

www.vupen.com/english/advisories/2007/0930

exchange.xforce.ibmcloud.com/vulnerabilities/31364

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

Confidence

Low

EPSS

0.078

Percentile

94.3%

JSON

Related for CVE-2007-0103