National Vulnerability Database (NVD) National Vulnerability Database (CVE-2007-0045)

National Cyber Awareness System

Vulnerability Summary for CVE-2007-0045

Original release date:01/03/2007

Last revised:09/13/2011

Source: US-CERT/NIST

Overview

Multiple cross-site scripting (XSS) vulnerabilities in Adobe Acrobat Reader Plugin before 8.0.0, and possibly the plugin distributed with Adobe Reader 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2, for Mozilla Firefox, Microsoft Internet Explorer 6 SP1, Google Chrome, Opera 8.5.4 build 770, and Opera 9.10.8679 on Windows allow remote attackers to inject arbitrary JavaScript and conduct other attacks via a .pdf URL with a javascript: or res: URI with (1) FDF, (2) XML, and (3) XFDF AJAX parameters, or (4) an arbitrarily named name=URI anchor identifier, aka "Universal XSS (UXSS)."

Impact

CVSS Severity (version 2.0):

CVSS v2 Base Score:4.3 (MEDIUM) (AV:N/AC:M/Au:N/C:N/I:P/A:N) (legend)

Impact Subscore: 2.9

Exploitability Subscore: 8.6

CVSS Version 2 Metrics:

Access Vector: Network exploitable; Victim must voluntarily interact with attack mechanism

Access Complexity: Medium

Authentication: Not required to exploit

Impact Type:Allows unauthorized modification

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to nvd@nist.gov.

US-CERT Technical Alert: TA09-286B

Name: TA09-286B

Hyperlink:http://www.us-cert.gov/cas/techalerts/TA09-286B.html

US-CERT Vulnerability Note: VU#815960

Name: VU#815960

Type: Advisory

Hyperlink:http://www.kb.cert.org/vuls/id/815960

External Source: MISC

Name: http://www.wisec.it/vulns.php?page=9

Type: Patch Information; Exploit

Hyperlink:http://www.wisec.it/vulns.php?page=9

External Source: REDHAT

Name: RHSA-2007:0017

Hyperlink:https://rhn.redhat.com/errata/RHSA-2007-0017.html

External Source: XF

Name: adobe-acrobat-pdf-xss(31271)

Hyperlink:http://xforce.iss.net/xforce/xfdb/31271

External Source: VUPEN

Name: ADV-2009-2898

Type: Advisory

Hyperlink:http://www.vupen.com/english/advisories/2009/2898

External Source: VUPEN

Name: ADV-2007-0957

Type: Advisory

Hyperlink:http://www.vupen.com/english/advisories/2007/0957

External Source: VUPEN

Name: ADV-2007-0032

Type: Advisory

Hyperlink:http://www.vupen.com/english/advisories/2007/0032

External Source: BID

Name: 21858

Hyperlink:http://www.securityfocus.com/bid/21858

External Source: BUGTRAQ

Name: 20070104 Universal PDF XSS After Party

Hyperlink:http://www.securityfocus.com/archive/1/archive/1/455906/100/0/threaded

External Source: BUGTRAQ

Name: 20070103 Adobe Acrobat Reader Plugin - Multiple Vulnerabilities

Hyperlink:http://www.securityfocus.com/archive/1/archive/1/455801/100/0/threaded

External Source: BUGTRAQ

Name: 20070103 RE: [WEB SECURITY] Universal XSS with PDF files: highly dangerous

Hyperlink:http://www.securityfocus.com/archive/1/455836/100/0/threaded

External Source: BUGTRAQ

Name: 20070103 Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous

Hyperlink:http://www.securityfocus.com/archive/1/455831/100/0/threaded

External Source: BUGTRAQ

Name: 20070103 Re: Universal XSS with PDF files: highly dangerous

Hyperlink:http://www.securityfocus.com/archive/1/455800/100/0/threaded

External Source: BUGTRAQ

Name: 20070103 Universal XSS with PDF files: highly dangerous

Hyperlink:http://www.securityfocus.com/archive/1/455790/100/0/threaded

External Source: REDHAT

Name: RHSA-2007:0021

Hyperlink:http://www.redhat.com/support/errata/RHSA-2007-0021.html

External Source: CONFIRM

Name: http://www.mozilla.org/security/announce/2007/mfsa2007-02.html

Hyperlink:http://www.mozilla.org/security/announce/2007/mfsa2007-02.html

External Source: MISC

Name: http://www.gnucitizen.org/blog/universal-pdf-xss-after-party

Hyperlink:http://www.gnucitizen.org/blog/universal-pdf-xss-after-party

External Source: CONFIRM

Name: http://www.gnucitizen.org/blog/danger-danger-danger/

Type: Advisory; Exploit

Hyperlink:http://www.gnucitizen.org/blog/danger-danger-danger/

External Source: MISC

Name: http://www.disenchant.ch/blog/hacking-with-browser-plugins/34

Hyperlink:http://www.disenchant.ch/blog/hacking-with-browser-plugins/34

External Source: CONFIRM

Name: http://www.adobe.com/support/security/bulletins/apsb09-15.html

Hyperlink:http://www.adobe.com/support/security/bulletins/apsb09-15.html

External Source: CONFIRM

Name: http://www.adobe.com/support/security/bulletins/apsb07-01.html

Hyperlink:http://www.adobe.com/support/security/bulletins/apsb07-01.html

External Source: CONFIRM

Name: http://www.adobe.com/support/security/advisories/apsa07-02.html

Hyperlink:http://www.adobe.com/support/security/advisories/apsa07-02.html

External Source: CONFIRM

Name: http://www.adobe.com/support/security/advisories/apsa07-01.html

Type: Advisory

Hyperlink:http://www.adobe.com/support/security/advisories/apsa07-01.html

External Source: SUNALERT

Name: 102847

Hyperlink:http://sunsolve.sun.com/search/document.do?assetkey=1-26-102847-1

External Source: SLACKWARE

Name: SSA:2007-066-05

Hyperlink:http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.338131

External Source: SECTRACK

Name: 1023007

Hyperlink:http://securitytracker.com/id?1023007

External Source: SECTRACK

Name: 1017469

Hyperlink:http://securitytracker.com/id?1017469

External Source: SREASON

Name: 2090

Hyperlink:http://securityreason.com/securityalert/2090

External Source: GENTOO

Name: GLSA-200701-16

Hyperlink:http://security.gentoo.org/glsa/glsa-200701-16.xml

External Source: SECUNIA

Name: 33754

Type: Advisory

Hyperlink:http://secunia.com/advisories/33754

External Source: SECUNIA

Name: 24533

Type: Advisory

Hyperlink:http://secunia.com/advisories/24533

External Source: SECUNIA

Name: 24457

Type: Advisory

Hyperlink:http://secunia.com/advisories/24457

External Source: SECUNIA

Name: 23882

Type: Advisory

Hyperlink:http://secunia.com/advisories/23882

External Source: SECUNIA

Name: 23877

Type: Advisory

Hyperlink:http://secunia.com/advisories/23877

External Source: SECUNIA

Name: 23812

Type: Advisory

Hyperlink:http://secunia.com/advisories/23812

External Source: SECUNIA

Name: 23691

Type: Advisory

Hyperlink:http://secunia.com/advisories/23691

External Source: SECUNIA

Name: 23483

Type: Advisory

Hyperlink:http://secunia.com/advisories/23483

External Source: OVAL

Name: oval:org.mitre.oval:def:9693

Hyperlink:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9693

External Source: OVAL

Name: oval:org.mitre.oval:def:6487

Hyperlink:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:6487

External Source: SUSE

Name: SUSE-SA:2007:011

Hyperlink:http://lists.suse.com/archive/suse-security-announce/2007-Jan/0012.html

External Source: HP

Name: HPSBUX02153

Hyperlink:http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742

External Source: HP

Name: HPSBUX02153

Hyperlink:http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742

External Source: CONFIRM

Name: http://googlechromereleases.blogspot.com/2009/01/stable-beta-update-yahoo-mail-and.html

Hyperlink:http://googlechromereleases.blogspot.com/2009/01/stable-beta-update-yahoo-mail-and.html

References to Check Content

Identifier:oval:org.mitre.oval:def:6487

Check System:http://oval.mitre.org/XMLSchema/oval-definitions-5

Hyperlink:http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:6487

Identifier:oval:org.mitre.oval:def:9693

Check System:http://oval.mitre.org/XMLSchema/oval-definitions-5

Hyperlink:http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:9693

Vulnerable software and versions

Configuration 1

* cpe:/a:adobe:acrobat:7.0.1::professional

* cpe:/a:adobe:acrobat:7.0.1::standard

* cpe:/a:adobe:acrobat:7.0.2::professional

* cpe:/a:adobe:acrobat:7.0.2::standard

* cpe:/a:adobe:acrobat:7.0.3::professional

* cpe:/a:adobe:acrobat:7.0.3::standard

* cpe:/a:adobe:acrobat:7.0.4::professional

* cpe:/a:adobe:acrobat:7.0.4::standard

* cpe:/a:adobe:acrobat:7.0.5::professional

* cpe:/a:adobe:acrobat:7.0.5::standard

* cpe:/a:adobe:acrobat:7.0.6::professional

* cpe:/a:adobe:acrobat:7.0.6::standard

* cpe:/a:adobe:acrobat:7.0.7::professional

* cpe:/a:adobe:acrobat:7.0.7::standard

* cpe:/a:adobe:acrobat:7.0.8::professional

* cpe:/a:adobe:acrobat:7.0.8::standard

* cpe:/a:adobe:acrobat:7.0::professional

* cpe:/a:adobe:acrobat:7.0::standard

* cpe:/a:adobe:acrobat_3d

* cpe:/a:adobe:acrobat_reader:6.0

* cpe:/a:adobe:acrobat_reader:6.0.1

* cpe:/a:adobe:acrobat_reader:6.0.2

* cpe:/a:adobe:acrobat_reader:6.0.3

* cpe:/a:adobe:acrobat_reader:6.0.4

* cpe:/a:adobe:acrobat_reader:6.0.5

* cpe:/a:adobe:acrobat_reader:7.0

* cpe:/a:adobe:acrobat_reader:7.0.1

* cpe:/a:adobe:acrobat_reader:7.0.2

* cpe:/a:adobe:acrobat_reader:7.0.3

* cpe:/a:adobe:acrobat_reader:7.0.4

* cpe:/a:adobe:acrobat_reader:7.0.5

* cpe:/a:adobe:acrobat_reader:7.0.6

* cpe:/a:adobe:acrobat_reader:7.0.7

* cpe:/a:adobe:acrobat_reader:7.0.8

* cpe:/a:adobe:acrobat:7.0.8::elements and previous versions

* cpe:/a:adobe:acrobat_reader:7.0.8 and previous versions

* Denotes Vulnerable Software

Technical Details

Vulnerability Type (View All)

Cross-Site Scripting (XSS) (CWE-79)

CVE Standard Vulnerability Entry:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0045