CVE-2007-0044 — MEDIUM (4.3)

Q: How severe is CVE-2007-0044?

CVE-2007-0044 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2007-0044?

Check the references section above for vendor advisories and patch information. Affected products include: Adobe Acrobat, Adobe Acrobat 3D, Adobe Acrobat Reader.

Vulnerability Description

Adobe Acrobat Reader Plugin before 8.0.0 for the Firefox, Internet Explorer, and Opera web browsers allows remote attackers to force the browser to make unauthorized requests to other web sites via a URL in the (1) FDF, (2) xml, and (3) xfdf AJAX request parameters, following the # (hash) character, aka "Universal CSRF and session riding."

CVSS Score

4.3

MEDIUM

AV:N/AC:M/Au:N/C:N/I:P/A:N

Confidentiality

NONE

Integrity

PARTIAL

Availability

NONE

Affected Products

Vendor	Product	Versions
Adobe	Acrobat	<= 7.0.8
Adobe	Acrobat 3D	All versions
Adobe	Acrobat Reader	<= 7.0.8

Related Weaknesses (CWE)

CWE-352

References

FAQ

What is CVE-2007-0044?

CVE-2007-0044 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Adobe Acrobat Reader Plugin before 8.0.0 for the Firefox, Internet Explorer, and Opera web browsers allows remote attackers to force the browser to make unauthorized requests to other web sites via a ...

How severe is CVE-2007-0044?

CVE-2007-0044 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2007-0044?

Check the references section above for vendor advisories and patch information. Affected products include: Adobe Acrobat, Adobe Acrobat 3D, Adobe Acrobat Reader.