MitreCVE-2007-5020CVE-2007-5020
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
Confidence
Low
EPSS
Percentile
96.8%
Unspecified vulnerability in Adobe Acrobat and Reader 8.1 on Windows allows remote attackers to execute arbitrary code via a crafted PDF file, related to the mailto: option and Internet Explorer 7 on Windows XP. NOTE: this information is based upon a vague pre-advisory by a reliable researcher.
Affected configurations
| Vendor | Product | Version | CPE |
|---|---|---|---|
| adobe | acrobat | 8.1 | cpe:2.3:a:adobe:acrobat:8.1:*:windows:*:*:*:*:* |
| adobe | acrobat_reader | 8.1 | cpe:2.3:a:adobe:acrobat_reader:8.1:*:windows:*:*:*:*:* |
References
www.adobe.com/support/security/advisories/apsa07-04.html
www.gnucitizen.org/blog/0day-pdf-pwns-windows
www.securityfocus.com/archive/1/480080/100/0/threaded
www.securityfocus.com/bid/25748
www.securitytracker.com/id?1018723
www.us-cert.gov/cas/techalerts/TA07-297B.html
www.vupen.com/english/advisories/2007/3392
exchange.xforce.ibmcloud.com/vulnerabilities/36722
Related
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
Confidence
Low
EPSS
Percentile
96.8%