CVE-2007-0046

N/A Unknown

Published: January 03, 2007 Modified: April 23, 2026

Description

Double free vulnerability in the Adobe Acrobat Reader Plugin before 8.0.0, as used in Mozilla Firefox 1.5.0.7, allows remote attackers to execute arbitrary code by causing an error via a javascript: URI call to document.write in the (1) FDF, (2) XML, or (3) XFDF AJAX request parameters.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://events.ccc.de/congress/2006/Fahrplan/attachments/1158-Subverting_Ajax.pdf

Source: cve@mitre.org

http://lists.suse.com/archive/suse-security-announce/2007-Jan/0012.html

Source: cve@mitre.org

http://secunia.com/advisories/23691

Source: cve@mitre.org

http://secunia.com/advisories/23812

Source: cve@mitre.org

http://secunia.com/advisories/23877

Source: cve@mitre.org

http://secunia.com/advisories/23882

Source: cve@mitre.org

http://secunia.com/advisories/24533

Source: cve@mitre.org

http://security.gentoo.org/glsa/glsa-200701-16.xml

Source: cve@mitre.org

http://securityreason.com/securityalert/2090

Source: cve@mitre.org

http://securitytracker.com/id?1017469

Source: cve@mitre.org

http://sunsolve.sun.com/search/document.do?assetkey=1-26-102847-1

Source: cve@mitre.org

http://www.adobe.com/support/security/bulletins/apsb07-01.html

Source: cve@mitre.org

http://www.redhat.com/support/errata/RHSA-2007-0021.html

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/455801/100/0/threaded

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2007/0032

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2007/0957

Source: cve@mitre.org

http://www.wisec.it/vulns.php?page=9

Source: cve@mitre.org

Exploit Patch

https://exchange.xforce.ibmcloud.com/vulnerabilities/31272

Source: cve@mitre.org

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9684

Source: cve@mitre.org

https://rhn.redhat.com/errata/RHSA-2007-0017.html

Source: cve@mitre.org

http://events.ccc.de/congress/2006/Fahrplan/attachments/1158-Subverting_Ajax.pdf

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.suse.com/archive/suse-security-announce/2007-Jan/0012.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/23691

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/23812

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/23877

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/23882

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/24533

Source: af854a3a-2127-422b-91ae-364da2661108

http://security.gentoo.org/glsa/glsa-200701-16.xml

Source: af854a3a-2127-422b-91ae-364da2661108

http://securityreason.com/securityalert/2090

Source: af854a3a-2127-422b-91ae-364da2661108

http://securitytracker.com/id?1017469

Source: af854a3a-2127-422b-91ae-364da2661108

http://sunsolve.sun.com/search/document.do?assetkey=1-26-102847-1

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.adobe.com/support/security/bulletins/apsb07-01.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.redhat.com/support/errata/RHSA-2007-0021.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/archive/1/455801/100/0/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.vupen.com/english/advisories/2007/0032

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.vupen.com/english/advisories/2007/0957

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.wisec.it/vulns.php?page=9

Source: af854a3a-2127-422b-91ae-364da2661108

Exploit Patch

https://exchange.xforce.ibmcloud.com/vulnerabilities/31272

Source: af854a3a-2127-422b-91ae-364da2661108

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9684

Source: af854a3a-2127-422b-91ae-364da2661108

https://rhn.redhat.com/errata/RHSA-2007-0017.html

Source: af854a3a-2127-422b-91ae-364da2661108

40 reference(s) from NVD

Quick Stats

CVSS v3 Score

N/A / 10.0

EPSS (Exploit Probability)

64.9%

98th percentile

Exploitation Status

Not in CISA KEV

Affected Vendors

adobe