PT-2007-1541 · Google+3 · Google Chrome+4
Elia Florio
+2
·
Publicado
2007-01-03
·
Atualizado
2018-10-16
·
CVE-2007-0048
CVSS v2.0
5.0
Média
| Vetor | AV:N/AC:L/Au:N/C:N/I:N/A:P |
Name of the Vulnerable Software and Affected Versions
Adobe Acrobat Reader Plugin versions prior to 8.0.0
Adobe Reader versions prior to 7.1.4
Adobe Reader versions prior to 8.1.7
Adobe Reader versions prior to 9.2
Description
The issue allows remote attackers to cause a denial of service, specifically memory consumption, when a long sequence of # (hash) characters is appended to a PDF URL. This is related to a cross-site scripting issue and can occur when the plugin is used with browsers such as Internet Explorer, Google Chrome, or Opera.
Recommendations
For Adobe Acrobat Reader Plugin version prior to 8.0.0, update to version 8.0.0 or later.
For Adobe Reader version prior to 7.1.4, update to version 7.1.4 or later.
For Adobe Reader version prior to 8.1.7, update to version 8.1.7 or later.
For Adobe Reader version prior to 9.2, update to version 9.2 or later.
Exploit
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
Acrobat Reader Plugin
Reader
Google Chrome
Internet Explorer
Opera