Vulnerabilities > CVE-2007-1199 - Unspecified vulnerability in Adobe Acrobat Reader
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Adobe Reader and Acrobat Trial allow remote attackers to read arbitrary files via a file:// URI in a PDF document, as demonstrated with <</URI(file:///C:/)/S/URI>>, a different issue than CVE-2007-0045.
Vulnerable Configurations
Exploit-Db
| description | Adobe Acrobat/Adobe Reader 7.0.9 Information Disclosure Vulnerability. CVE-2007-1199. Remote exploit for windows platform |
| id | EDB-ID:29686 |
| last seen | 2016-02-03 |
| modified | 2007-02-28 |
| published | 2007-02-28 |
| reporter | pdp |
| source | https://www.exploit-db.com/download/29686/ |
| title | Adobe Acrobat/Adobe Reader <= 7.0.9 - Information Disclosure Vulnerability |
Nessus
| NASL family | Gentoo Local Security Checks |
| NASL id | GENTOO_GLSA-200803-01.NASL |
| description | The remote host is affected by the vulnerability described in GLSA-200803-01 (Adobe Acrobat Reader: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in Adobe Acrobat Reader, including: A file disclosure when using file:// in PDF documents (CVE-2007-1199) Multiple buffer overflows in unspecified JavaScript methods (CVE-2007-5659) An unspecified vulnerability in the Escript.api plugin (CVE-2007-5663) An untrusted search path (CVE-2007-5666) Incorrect handling of printers (CVE-2008-0667) An integer overflow when passing incorrect arguments to |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 31328 |
| published | 2008-03-04 |
| reporter | This script is Copyright (C) 2008-2019 Tenable Network Security, Inc. |
| source | https://www.tenable.com/plugins/nessus/31328 |
| title | GLSA-200803-01 : Adobe Acrobat Reader: Multiple vulnerabilities |
Statements
| contributor | Mark J Cox |
| lastmodified | 2008-03-06 |
| organization | Red Hat |
| statement | Red Hat is aware of this issue and is tracking it via the following bug: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=CVE-2007-1199 The Red Hat Security Response Team has rated this issue as having low security impact, a future update may address this flaw. |
References
- http://osvdb.org/33897
- http://osvdb.org/33897
- http://secunia.com/advisories/24408
- http://secunia.com/advisories/24408
- http://secunia.com/advisories/29205
- http://secunia.com/advisories/29205
- http://security.gentoo.org/glsa/glsa-200803-01.xml
- http://security.gentoo.org/glsa/glsa-200803-01.xml
- http://www.gnucitizen.org/projects/pdf-strikes-back/
- http://www.gnucitizen.org/projects/pdf-strikes-back/
- http://www.securityfocus.com/bid/22753
- http://www.securityfocus.com/bid/22753
- https://exchange.xforce.ibmcloud.com/vulnerabilities/32815
- https://exchange.xforce.ibmcloud.com/vulnerabilities/32815