CVE-2007-1377
AcroPDF.DLL in Adobe Reader 8.0, when accessed from Mozilla Firefox, Netscape, or Opera, allows remote attackers to cause a denial of service (unspecified resource consumption) via a .pdf URL with an anchor identifier that begins with search= followed by many %n sequences, a different vulnerability than CVE-2006-6027 and CVE-2006-6236.
Published
2007-03-10T00:19:00.000
Last Modified
2025-04-09T00:30:58.490
Status
Deferred
Source
[email protected]
Severity
CVSSv2: 5.0 (MEDIUM)
CVSSv2 Vector
AV:N/AC:L/Au:N/C:N/I:N/A:P
- Access Vector: NETWORK
- Access Complexity: LOW
- Authentication: NONE
- Confidentiality Impact: NONE
- Integrity Impact: NONE
- Availability Impact: PARTIAL
Exploitability Score
10.0
Impact Score
2.9
Weaknesses
Affected Vendors & Products
References
-
http://www.securityfocus.com/bid/22856
Broken Link, Exploit, Third Party Advisory, VDB Entry
([email protected])
-
http://www.securityfocus.com/data/vulnerabilities/exploits/22856.html
Broken Link, Exploit, Third Party Advisory, VDB Entry
([email protected])
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/32896
Third Party Advisory, VDB Entry
([email protected])
-
http://www.securityfocus.com/bid/22856
Broken Link, Exploit, Third Party Advisory, VDB Entry
(af854a3a-2127-422b-91ae-364da2661108)
-
http://www.securityfocus.com/data/vulnerabilities/exploits/22856.html
Broken Link, Exploit, Third Party Advisory, VDB Entry
(af854a3a-2127-422b-91ae-364da2661108)
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/32896
Third Party Advisory, VDB Entry
(af854a3a-2127-422b-91ae-364da2661108)