Adobe Reader

CVSS 4.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

NONE

Availability impact

NONE

network

adobe

nessus

exploit available

NVD

Published: 2007-03-02

Updated: 2017-07-29

Summary

Adobe Reader and Acrobat Trial allow remote attackers to read arbitrary files via a file:// URI in a PDF document, as demonstrated with <</URI(file:///C:/)/S/URI>>, a different issue than CVE-2007-0045.

Vulnerable Configurations

Part	Description	Count
Application	Adobe Adobe Acrobat Reader 4.0 Adobe Acrobat Reader 4.0.5 Adobe Acrobat Reader 4.5 Adobe Acrobat Reader 5.0 Adobe Acrobat Reader 5.0.5 Adobe Acrobat Reader 5.0.6 Adobe Acrobat Reader 5.0.7 Adobe Acrobat Reader 5.0.9 Adobe Acrobat Reader 5.0.10 Adobe Acrobat Reader 5.1 Adobe Acrobat Reader 6.0 Adobe Acrobat Reader 6.0.1 Adobe Acrobat Reader 6.0.2 Adobe Acrobat Reader 6.0.3 Adobe Acrobat Reader 6.0.4 Adobe Acrobat Reader 7.0 Adobe Acrobat Reader 7.0.1 Adobe Acrobat Reader 7.0.2 Adobe Acrobat Reader 7.0.3 Adobe Acrobat Reader 7.0.4 Adobe Acrobat Reader 7.0.5 Adobe Acrobat Reader 7.0.6 Adobe Acrobat Reader 7.0.7 Adobe Acrobat Reader 7.0.8 Adobe Acrobat Reader 7.0.9 Adobe Acrobat Reader 8.0	26

Exploit-Db

description	Adobe Acrobat/Adobe Reader 7.0.9 Information Disclosure Vulnerability. CVE-2007-1199. Remote exploit for windows platform
id	EDB-ID:29686
last seen	2016-02-03
modified	2007-02-28
published	2007-02-28
reporter	pdp
source	https://www.exploit-db.com/download/29686/
title	Adobe Acrobat/Adobe Reader <= 7.0.9 - Information Disclosure Vulnerability

Nessus

NASL family	Gentoo Local Security Checks
NASL id	GENTOO_GLSA-200803-01.NASL
description	The remote host is affected by the vulnerability described in GLSA-200803-01 (Adobe Acrobat Reader: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in Adobe Acrobat Reader, including: A file disclosure when using file:// in PDF documents (CVE-2007-1199) Multiple buffer overflows in unspecified JavaScript methods (CVE-2007-5659) An unspecified vulnerability in the Escript.api plugin (CVE-2007-5663) An untrusted search path (CVE-2007-5666) Incorrect handling of printers (CVE-2008-0667) An integer overflow when passing incorrect arguments to
last seen	2020-06-01
modified	2020-06-02
plugin id	31328
published	2008-03-04
reporter	This script is Copyright (C) 2008-2019 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/31328
title	GLSA-200803-01 : Adobe Acrobat Reader: Multiple vulnerabilities

Statements

contributor	Mark J Cox
lastmodified	2008-03-06
organization	Red Hat
statement	Red Hat is aware of this issue and is tracking it via the following bug: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=CVE-2007-1199 The Red Hat Security Response Team has rated this issue as having low security impact, a future update may address this flaw.

Summary

Vulnerable Configurations

Exploit-Db

Nessus

Statements

References