Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-5020

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2007-5020
Last Modified 07 Mar 2011 12:00:00
Published 21 Sep 2007 02:17:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2007-5020

Summary

Unspecified vulnerability in Adobe Acrobat and Reader 8.1 on Windows allows remote attackers to execute arbitrary code via a crafted PDF file, related to the mailto: option and Internet Explorer 7 on Windows XP. NOTE: this information is based upon a vague pre-advisory by a reliable researcher.

Vulnerable Systems

Application

  • Adobe Acrobat 8.1

  • Adobe Acrobat Reader 8.1


References

CERT - TA07-297B

XF - adobe-unspecified-pdf-code-execution(36722)

VUPEN - ADV-2007-3392

SECTRACK - 1018723

BID - 25748

BUGTRAQ - 20070920 0day: PDF pwns Windows

MISC - http://www.gnucitizen.org/blog/0day-pdf-pwns-windows

CONFIRM - http://www.adobe.com/support/security/advisories/apsa07-04.html

Related Patches

Adobe Reader 8.1.1 Update (All Languages)


Last Updated: 27 May 2016 10:46:02