CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
EPSS
Percentile
98.9%
The customDictionaryOpen spell method in the JavaScript API in Adobe Reader
9.1, 8.1.4, 7.1.1, and earlier on Linux and UNIX allows remote attackers to
cause a denial of service (memory corruption) or execute arbitrary code via
a PDF file that triggers a call to this method with a long string in the
second argument.