http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5020
Vulnerability Summary CVE-2007-5020
Original release date: 9/21/2007
Last revised: 9/26/2007
Source: US-CERT/NIST
Overview
Unspecified vulnerability in Adobe Acrobat and Reader 8.1 on Windows allows remote attackers to execute arbitrary code via a crafted PDF file. NOTE: this information is based upon a vague pre-advisory by a reliable researcher.
Impact
CVSS Severity (version 2.0):
CVSS v2 Base score: 6.8 (Medium) (AV:N/AC:M/Au:N/C:P/I:P/A:P) (legend)
Impact Subscore: 6.4
Exploitability Subscore: 8.6
Access Vector: Network exploitable
Access Complexity: Medium
Authentication: Not required to exploit
Impact Type: Allows unauthorized disclosure of information , Allows unauthorized modification , Allows disruption of service
References to Advisories, Solutions, and Tools
External Source: BUGTRAQ (disclaimer)
Name: 20070920 0day: PDF pwns Windows
Hyperlink: http://www.securityfocus.com/archive/1/archive/1/480080/100/0/threaded
External Source: (disclaimer)
Hyperlink:
http://www.gnucitizen.org/blog/0day-pdf-pwns-windows
Vulnerable software and versions
Configuration 1
− Adobe, Acrobat, 8.1, Windows
− Adobe, Reader, 8.1, Windows
Vulnerability Summary CVE-2007-5020
Original release date: 9/21/2007
Last revised: 9/26/2007
Source: US-CERT/NIST
Overview
Unspecified vulnerability in Adobe Acrobat and Reader 8.1 on Windows allows remote attackers to execute arbitrary code via a crafted PDF file. NOTE: this information is based upon a vague pre-advisory by a reliable researcher.
Impact
CVSS Severity (version 2.0):
CVSS v2 Base score: 6.8 (Medium) (AV:N/AC:M/Au:N/C:P/I:P/A:P) (legend)
Impact Subscore: 6.4
Exploitability Subscore: 8.6
Access Vector: Network exploitable
Access Complexity: Medium
Authentication: Not required to exploit
Impact Type: Allows unauthorized disclosure of information , Allows unauthorized modification , Allows disruption of service
References to Advisories, Solutions, and Tools
External Source: BUGTRAQ (disclaimer)
Name: 20070920 0day: PDF pwns Windows
Hyperlink: http://www.securityfocus.com/archive/1/archive/1/480080/100/0/threaded
External Source: (disclaimer)
Hyperlink:
http://www.gnucitizen.org/blog/0day-pdf-pwns-windows
Vulnerable software and versions
Configuration 1
− Adobe, Acrobat, 8.1, Windows
− Adobe, Reader, 8.1, Windows
文章標籤
全站熱搜
資訊安全 (4)