CVE-2007-0046

Description

Double free vulnerability in the Adobe Acrobat Reader Plugin before 8.0.0, as used in Mozilla Firefox 1.5.0.7, allows remote attackers to execute arbitrary code by causing an error via a javascript: URI call to document.write in the (1) FDF, (2) XML, or (3) XFDF AJAX request parameters.

Risk Information

Base Score

8.8

MODERATE

Vector

AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS Score

Exploitation Probability

64.856

Associated Vulnerability

Vulnerability	OS Platform
Multiple vulnerabilities affected in Acrobat Reader 7.0.8	Windows

Patch Details

Click to see the patches provided by ManageEngine for this CVE

Patch ID	Patch Description
PATCH-315465	Adobe Acrobat Reader MUI DC (Classic Track) update - All languages (15.006.30527) (APSB20-48)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234