Vulnerability Description
AcroPDF.DLL in Adobe Reader 8.0, when accessed from Mozilla Firefox, Netscape, or Opera, allows remote attackers to cause a denial of service (unspecified resource consumption) via a .pdf URL with an anchor identifier that begins with search= followed by many %n sequences, a different vulnerability than CVE-2006-6027 and CVE-2006-6236.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Adobe | Acrobat Reader | 8.0 |
| Mozilla | Firefox | 2.0.0.3 |
| Netscape | Navigator | All versions |
| Opera | Opera Browser | 9.2 |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/22856Broken LinkExploitThird Party Advisory
- http://www.securityfocus.com/data/vulnerabilities/exploits/22856.htmlBroken LinkExploitThird Party Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/32896Third Party AdvisoryVDB Entry
- http://www.securityfocus.com/bid/22856Broken LinkExploitThird Party Advisory
- http://www.securityfocus.com/data/vulnerabilities/exploits/22856.htmlBroken LinkExploitThird Party Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/32896Third Party AdvisoryVDB Entry
FAQ
What is CVE-2007-1377?
CVE-2007-1377 is a vulnerability with a CVSS score of 5.0 (MEDIUM). AcroPDF.DLL in Adobe Reader 8.0, when accessed from Mozilla Firefox, Netscape, or Opera, allows remote attackers to cause a denial of service (unspecified resource consumption) via a .pdf URL with an ...
How severe is CVE-2007-1377?
CVE-2007-1377 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-1377?
Check the references section above for vendor advisories and patch information. Affected products include: Adobe Acrobat Reader, Mozilla Firefox, Netscape Navigator, Opera Opera Browser.