Vulnerability CVE-2007-0044


Published: 2007-01-03   Modified: 2011-03-07

Description:
Adobe Acrobat Reader Plugin before 8.0.0 for the Firefox, Internet Explorer, and Opera web browsers allows remote attackers to force the browser to make unauthorized requests to other web sites via a URL in the (1) FDF, (2) xml, and (3) xfdf AJAX request parameters, following the # (hash) character, aka "Universal CSRF and session riding."

See advisories in our WLB2 database:
Topic
Author
Date
High
Adobe Acrobat Reader Plugin - Multiple Vulnerabilities
Stefano Di Paola...
04.01.2007

Type:

CWE-352

(Cross-Site Request Forgery (CSRF))

Vendor: Adobe
Product: Acrobat 
Version:
7.0.8
7.0.7
7.0.6
7.0.5
7.0.4
7.0.3
7.0.2
7.0.1
7.0
Product: Acrobat reader 
Version:
7.0.8
7.0.7
7.0.6
7.0.5
7.0.4
7.0.3
7.0.2
7.0.1
7.0
6.0.5
6.0.4
6.0.3
6.0.2
6.0.1
6.0
Product: Acrobat 3d 

CVSS2 => (AV:N/AC:M/Au:N/C:N/I:P/A:N)

CVSS Base Score
Impact Subscore
Exploitability Subscore
4.3/10
2.9/10
8.6/10
Exploit range
Attack complexity
Authentication
Remote
Medium
No required
Confidentiality impact
Integrity impact
Availability impact
None
Partial
None

 References:
http://www.wisec.it/vulns.php?page=9
http://xforce.iss.net/xforce/xfdb/31266
http://www.vupen.com/english/advisories/2007/0032
http://www.securityfocus.com/bid/21858
http://www.securityfocus.com/archive/1/archive/1/455801/100/0/threaded
http://www.redhat.com/support/errata/RHSA-2008-0144.html
http://securitytracker.com/id?1017469
http://securityreason.com/securityalert/2090
http://security.gentoo.org/glsa/glsa-200701-16.xml
http://secunia.com/advisories/29065
http://secunia.com/advisories/23882
http://secunia.com/advisories/23812
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10042
http://lists.suse.com/archive/suse-security-announce/2007-Jan/0012.html
http://events.ccc.de/congress/2006/Fahrplan/attachments/1158-Subverting_Ajax.pdf

Related CVE
CVE-2017-3002
Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable use after free vulnerability in the ActionScript2 TextField object related to the variable property. Successful exploitation could lead to arbitrary code execution.
CVE-2017-3003
Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable use after free vulnerability related to an interaction between the privacy user interface and the ActionScript 2 Camera object. Successful exploitation could lead to arbitrary cod...
CVE-2017-3000
Adobe Flash Player versions 24.0.0.221 and earlier have a vulnerability in the random number generator used for constant blinding. Successful exploitation could lead to information disclosure.
CVE-2017-3001
Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable use after free vulnerability related to garbage collection in the ActionScript 2 VM. Successful exploitation could lead to arbitrary code execution.
CVE-2017-2997
Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable buffer overflow / underflow vulnerability in the Primetime TVSDK that supports customizing ad information. Successful exploitation could lead to arbitrary code execution.
CVE-2017-2998
Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable memory corruption vulnerability in the Primetime TVSDK API functionality related to timeline interactions. Successful exploitation could lead to arbitrary code execution.
CVE-2017-2999
Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable memory corruption vulnerability in the Primetime TVSDK functionality related to hosting playback surface. Successful exploitation could lead to arbitrary code execution.
CVE-2017-2983
Adobe Shockwave versions 12.2.7.197 and earlier have an insecure library loading (DLL hijacking) vulnerability. Successful exploitation could lead to escalation of privilege.

Copyright 2017, cxsecurity.com