CVE-2007-0048
6.2 Medium
AI Score
Confidence
High
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.777 High
EPSS
Percentile
98.2%
Adobe Acrobat Reader Plugin before 8.0.0, and possibly the plugin distributed with Adobe Reader 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2, when used with Internet Explorer, Google Chrome, or Opera, allows remote attackers to cause a denial of service (memory consumption) via a long sequence of # (hash) characters appended to a PDF URL, related to a “cross-site scripting issue.”
References
events.ccc.de/congress/2006/Fahrplan/attachments/1158-Subverting_Ajax.pdf
googlechromereleases.blogspot.com/2009/01/stable-beta-update-yahoo-mail-and.html
lists.suse.com/archive/suse-security-announce/2007-Jan/0012.html
osvdb.org/31596
secunia.com/advisories/23812
secunia.com/advisories/23882
secunia.com/advisories/33754
security.gentoo.org/glsa/glsa-200701-16.xml
securityreason.com/securityalert/2090
securitytracker.com/id?1017469
securitytracker.com/id?1023007
www.adobe.com/support/security/bulletins/apsb07-01.html
www.adobe.com/support/security/bulletins/apsb09-15.html
www.securityfocus.com/archive/1/455801/100/0/threaded
www.us-cert.gov/cas/techalerts/TA09-286B.html
www.vupen.com/english/advisories/2007/0032
www.vupen.com/english/advisories/2009/2898
www.wisec.it/vulns.php?page=9
exchange.xforce.ibmcloud.com/vulnerabilities/31273
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6348
Related
6.2 Medium
AI Score
Confidence
High
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.777 High
EPSS
Percentile
98.2%