CVE-2007-5020

Published Sep 21, 2007

Last updated 6 years ago

Overview

Description: Unspecified vulnerability in Adobe Acrobat and Reader 8.1 on Windows allows remote attackers to execute arbitrary code via a crafted PDF file, related to the mailto: option and Internet Explorer 7 on Windows XP. NOTE: this information is based upon a vague pre-advisory by a reliable researcher.
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 9.3
Impact score: 10
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:C/I:C/A:C

Weaknesses

nvd@nist.gov: CWE-94

Hype score: Not currently trending

Vendor comments

Red HatAccording to Abobe this issue affects only the Windows platform and therefore does not affect Adobe Acrobat Reader as distributed with Red Hat Enterprise Linux Extras. http://www.adobe.com/support/security/advisories/apsa07-04.html

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:adobe:acrobat:8.1:*:windows:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CC6D8742-220A-44C9-88A3-38EB8AF5EEB4"
          },
          {
            "criteria": "cpe:2.3:a:adobe:acrobat_reader:8.1:*:windows:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3CB5FD8D-F867-42F8-B3DC-BE9AFBF1F11B"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Vendor comments

Configurations

References