PT-2007-1541 · Google+3 · Google Chrome+4

Elia Florio

Published

2007-01-03

Updated

2018-10-16

CVE-2007-0048

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions Adobe Acrobat Reader Plugin versions prior to 8.0.0 Adobe Reader versions prior to 7.1.4 Adobe Reader versions prior to 8.1.7 Adobe Reader versions prior to 9.2

Description The issue allows remote attackers to cause a denial of service, specifically memory consumption, when a long sequence of # (hash) characters is appended to a PDF URL. This is related to a cross-site scripting issue and can occur when the plugin is used with browsers such as Internet Explorer, Google Chrome, or Opera.

Recommendations For Adobe Acrobat Reader Plugin version prior to 8.0.0, update to version 8.0.0 or later. For Adobe Reader version prior to 7.1.4, update to version 7.1.4 or later. For Adobe Reader version prior to 8.1.7, update to version 8.1.7 or later. For Adobe Reader version prior to 9.2, update to version 9.2 or later.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2007-0048

Affected Products

Acrobat Reader Plugin

Reader

Google Chrome

Internet Explorer

Opera

PT-2007-1541 · Google+3 · Google Chrome+4

CVE-2007-0048

Related Identifiers

Affected Products

References · 21