FKIE_CVE-2007-0048

Vulnerability from fkie_nvd - Published: 2007-01-03 21:28 - Updated: 2025-04-09 00:30
Severity ?
Summary
Adobe Acrobat Reader Plugin before 8.0.0, and possibly the plugin distributed with Adobe Reader 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2, when used with Internet Explorer, Google Chrome, or Opera, allows remote attackers to cause a denial of service (memory consumption) via a long sequence of # (hash) characters appended to a PDF URL, related to a "cross-site scripting issue."
References
cve@mitre.orghttp://events.ccc.de/congress/2006/Fahrplan/attachments/1158-Subverting_Ajax.pdf
cve@mitre.orghttp://googlechromereleases.blogspot.com/2009/01/stable-beta-update-yahoo-mail-and.html
cve@mitre.orghttp://lists.suse.com/archive/suse-security-announce/2007-Jan/0012.html
cve@mitre.orghttp://osvdb.org/31596
cve@mitre.orghttp://secunia.com/advisories/23812
cve@mitre.orghttp://secunia.com/advisories/23882
cve@mitre.orghttp://secunia.com/advisories/33754
cve@mitre.orghttp://security.gentoo.org/glsa/glsa-200701-16.xml
cve@mitre.orghttp://securityreason.com/securityalert/2090
cve@mitre.orghttp://securitytracker.com/id?1017469
cve@mitre.orghttp://securitytracker.com/id?1023007
cve@mitre.orghttp://www.adobe.com/support/security/bulletins/apsb07-01.html
cve@mitre.orghttp://www.adobe.com/support/security/bulletins/apsb09-15.html
cve@mitre.orghttp://www.securityfocus.com/archive/1/455801/100/0/threaded
cve@mitre.orghttp://www.us-cert.gov/cas/techalerts/TA09-286B.htmlUS Government Resource
cve@mitre.orghttp://www.vupen.com/english/advisories/2007/0032
cve@mitre.orghttp://www.vupen.com/english/advisories/2009/2898
cve@mitre.orghttp://www.wisec.it/vulns.php?page=9Exploit, Patch, Vendor Advisory
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/31273
cve@mitre.orghttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6348
af854a3a-2127-422b-91ae-364da2661108http://events.ccc.de/congress/2006/Fahrplan/attachments/1158-Subverting_Ajax.pdf
af854a3a-2127-422b-91ae-364da2661108http://googlechromereleases.blogspot.com/2009/01/stable-beta-update-yahoo-mail-and.html
af854a3a-2127-422b-91ae-364da2661108http://lists.suse.com/archive/suse-security-announce/2007-Jan/0012.html
af854a3a-2127-422b-91ae-364da2661108http://osvdb.org/31596
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/23812
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/23882
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/33754
af854a3a-2127-422b-91ae-364da2661108http://security.gentoo.org/glsa/glsa-200701-16.xml
af854a3a-2127-422b-91ae-364da2661108http://securityreason.com/securityalert/2090
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1017469
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1023007
af854a3a-2127-422b-91ae-364da2661108http://www.adobe.com/support/security/bulletins/apsb07-01.html
af854a3a-2127-422b-91ae-364da2661108http://www.adobe.com/support/security/bulletins/apsb09-15.html
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/455801/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.us-cert.gov/cas/techalerts/TA09-286B.htmlUS Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2007/0032
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2009/2898
af854a3a-2127-422b-91ae-364da2661108http://www.wisec.it/vulns.php?page=9Exploit, Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/31273
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6348
Impacted products
Vendor Product Version
adobe acrobat *
adobe acrobat 7.0
adobe acrobat 7.0
adobe acrobat 7.0.1
adobe acrobat 7.0.1
adobe acrobat 7.0.2
adobe acrobat 7.0.2
adobe acrobat 7.0.3
adobe acrobat 7.0.3
adobe acrobat 7.0.4
adobe acrobat 7.0.4
adobe acrobat 7.0.5
adobe acrobat 7.0.5
adobe acrobat 7.0.6
adobe acrobat 7.0.6
adobe acrobat 7.0.7
adobe acrobat 7.0.7
adobe acrobat 7.0.8
adobe acrobat 7.0.8
adobe acrobat_3d *
adobe acrobat_reader *
adobe acrobat_reader 6.0
adobe acrobat_reader 6.0.1
adobe acrobat_reader 6.0.2
adobe acrobat_reader 6.0.3
adobe acrobat_reader 6.0.4
adobe acrobat_reader 6.0.5
adobe acrobat_reader 7.0
adobe acrobat_reader 7.0.1
adobe acrobat_reader 7.0.2
adobe acrobat_reader 7.0.3
adobe acrobat_reader 7.0.4
adobe acrobat_reader 7.0.5
adobe acrobat_reader 7.0.6
adobe acrobat_reader 7.0.7
adobe acrobat_reader 7.0.8
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:adobe:acrobat:*:*:elements:*:*:*:*:*",
              "matchCriteriaId": "70C786B9-7CEC-474E-B173-F2D9CD78E5B9",
              "versionEndIncluding": "7.0.8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat:7.0:*:professional:*:*:*:*:*",
              "matchCriteriaId": "AC8F85CD-8371-4B36-8D6A-8B2CA580631B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat:7.0:*:standard:*:*:*:*:*",
              "matchCriteriaId": "C74ECCD2-4E9B-407B-9B14-8A6FB4F768F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat:7.0.1:*:professional:*:*:*:*:*",
              "matchCriteriaId": "FE88C274-CC72-4341-9BF6-1924054A12FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat:7.0.1:*:standard:*:*:*:*:*",
              "matchCriteriaId": "507C02CF-7E81-4131-99DE-63E4EEC45F74",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat:7.0.2:*:professional:*:*:*:*:*",
              "matchCriteriaId": "3D68FF87-5DCE-4D52-B95A-8ADB6F8C0DA8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat:7.0.2:*:standard:*:*:*:*:*",
              "matchCriteriaId": "47EBEF8E-3C53-41D5-B344-297ED7C432F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat:7.0.3:*:professional:*:*:*:*:*",
              "matchCriteriaId": "DC0DF265-984D-462D-878E-612783BF0BFB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat:7.0.3:*:standard:*:*:*:*:*",
              "matchCriteriaId": "0335D33B-20D8-483F-AB5E-E2517F2F900D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat:7.0.4:*:professional:*:*:*:*:*",
              "matchCriteriaId": "4B066C6A-E3ED-4E7B-BE5E-45CDBF1E8959",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat:7.0.4:*:standard:*:*:*:*:*",
              "matchCriteriaId": "2341215F-97A7-40B6-B618-7FF022C7CFA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat:7.0.5:*:professional:*:*:*:*:*",
              "matchCriteriaId": "D61F0564-59B9-4811-B7FD-BA044C6A94AC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat:7.0.5:*:standard:*:*:*:*:*",
              "matchCriteriaId": "9C9A3E43-7334-44B0-BF01-04BB19B6FE53",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat:7.0.6:*:professional:*:*:*:*:*",
              "matchCriteriaId": "D3E43C1B-D76D-4486-AE7A-943D34D0A92C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat:7.0.6:*:standard:*:*:*:*:*",
              "matchCriteriaId": "9F7310F9-CF09-4B83-B6CA-3FE6DBAB6008",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat:7.0.7:*:professional:*:*:*:*:*",
              "matchCriteriaId": "F52F86E7-E845-48A5-9CC4-98E6DAA43C71",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat:7.0.7:*:standard:*:*:*:*:*",
              "matchCriteriaId": "32C79CBE-CE27-46B2-BD3C-D56DC62CBB46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat:7.0.8:*:professional:*:*:*:*:*",
              "matchCriteriaId": "CC9D669B-7E9D-4F39-894A-D9438000F2B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat:7.0.8:*:standard:*:*:*:*:*",
              "matchCriteriaId": "0D9CA54D-9D60-4064-B6AC-8CED8D064465",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA58F87E-2E6D-4837-85C9-0A94BB3D269A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD055652-DA7A-4881-ACD3-9D491821DC73",
              "versionEndIncluding": "7.0.8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_reader:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C0BB7C0C-B1D6-4733-BA91-022A1A7FB2E2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_reader:6.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B131DB8-4B6A-4AF2-8D5E-B5EA1AEBFB3B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_reader:6.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B9351C2-16ED-4766-B417-8DB3A8766C2F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_reader:6.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "74667860-0047-40AD-9468-860591BA9D17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_reader:6.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "5DEA092A-5532-4DCC-B43D-7A8ECF07FA4C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_reader:6.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "9628AFF9-6EE1-4E85-858F-AE96EE64B7F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_reader:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E2D0266-6954-4DBA-9EEE-8BF73B39DD61",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_reader:7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "24262AFA-2EC8-479E-8922-36DB4243E404",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_reader:7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1E62096-08B2-4722-A492-11E9A441E85B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_reader:7.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5370AC6-90EE-48EA-8DBD-54002B102F7C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_reader:7.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "C36D10A8-D211-437D-98D8-9029D0A9CF8B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_reader:7.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA55D00C-3629-48E4-8699-F62B8D703E02",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_reader:7.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "0EE5E1B7-7B91-4AE1-92AA-4F1763E1BA1E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_reader:7.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "623324C2-C8B5-4C3C-9C10-9677D5A6740A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_reader:7.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8EAF5E3-F3B4-4AD3-B5F1-281AB0F9C57F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Adobe Acrobat Reader Plugin before 8.0.0, and possibly the plugin distributed with Adobe Reader 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2, when used with Internet Explorer, Google Chrome, or Opera, allows remote attackers to cause a denial of service (memory consumption) via a long sequence of # (hash) characters appended to a PDF URL, related to a \"cross-site scripting issue.\""
    },
    {
      "lang": "es",
      "value": "El Plugin de Adobe Acrobat Reader anterior al 8.0.0., cuando se usa con el Internet Explorer, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (agotamiento de memoria) mediante una secuencia larga de caracteres # (almohadilla) a\u00f1adidos a una PDF URL."
    }
  ],
  "id": "CVE-2007-0048",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2007-01-03T21:28:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://events.ccc.de/congress/2006/Fahrplan/attachments/1158-Subverting_Ajax.pdf"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://googlechromereleases.blogspot.com/2009/01/stable-beta-update-yahoo-mail-and.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.suse.com/archive/suse-security-announce/2007-Jan/0012.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://osvdb.org/31596"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/23812"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/23882"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/33754"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://security.gentoo.org/glsa/glsa-200701-16.xml"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securityreason.com/securityalert/2090"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1017469"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1023007"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.adobe.com/support/security/bulletins/apsb07-01.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.adobe.com/support/security/bulletins/apsb09-15.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/455801/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA09-286B.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2007/0032"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2009/2898"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.wisec.it/vulns.php?page=9"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31273"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6348"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://events.ccc.de/congress/2006/Fahrplan/attachments/1158-Subverting_Ajax.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://googlechromereleases.blogspot.com/2009/01/stable-beta-update-yahoo-mail-and.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.suse.com/archive/suse-security-announce/2007-Jan/0012.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/31596"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/23812"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/23882"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/33754"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://security.gentoo.org/glsa/glsa-200701-16.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securityreason.com/securityalert/2090"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1017469"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1023007"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.adobe.com/support/security/bulletins/apsb07-01.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.adobe.com/support/security/bulletins/apsb09-15.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/455801/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA09-286B.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/0032"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2009/2898"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.wisec.it/vulns.php?page=9"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31273"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6348"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.