CVE-2007-0048

Currently unrated

Key Information:

Vendor: Adobe
Status: Acrobat; Acrobat Reader; Acrobat 3d
Vendor: CVE Published:; 3 January 2007

Summary

Adobe Acrobat Reader Plugin before 8.0.0, and possibly the plugin distributed with Adobe Reader 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2, when used with Internet Explorer, Google Chrome, or Opera, allows remote attackers to cause a denial of service (memory consumption) via a long sequence of # (hash) characters appended to a PDF URL, related to a "cross-site scripting issue."

References

http://www.us-cert.gov/cas/techalerts/TA09-286B.html

third-party-advisoryx_refsource_CERT

http://googlechromereleases.blogspot.com/2009/01/stable-b...

x_refsource_CONFIRM

http://events.ccc.de/congress/2006/Fahrplan/attachments/1...

x_refsource_MISC

EPSS Score

36% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Jan 3, 2007
Vulnerability Reserved
Jan 3, 2007