CVE-2005-1306
Published Jun 15, 2005
Last updated 9 months ago
Overview
- Description
- The Adobe Reader control in Adobe Reader and Acrobat 7.0 and 7.0.1 allows remote attackers to determine the existence of files via Javascript containing XML script, aka the "XML External Entity vulnerability."
- Source
- cve@mitre.org
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 7.5
- Impact score
- 3.6
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
- Severity
- HIGH
CVSS 2.0
- Type
- Primary
- Base score
- 5
- Impact score
- 2.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:N/A:N
Weaknesses
- nvd@nist.gov
- CWE-611
Vendor comments
- Red HatNot vulnerable. Adobe told us this issue did not affect the Linux version of Adobe Reader.
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:7.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FECFC942-4F04-420C-A9B4-AE0C0590317F"
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:7.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F81817F2-1E3A-4A52-88F1-6B614A2A1F0A"
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:7.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6E2D0266-6954-4DBA-9EEE-8BF73B39DD61"
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:7.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "24262AFA-2EC8-479E-8922-36DB4243E404"
}
],
"operator": "OR"
}
]
}
]