CVE-2007-0045
published 2007-01-03

Priority: P4 · 23 · medium · 4.3 · CVSS 2.0
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
EPSS: 45.26% (98.6th percentile)
Multiple cross-site scripting (XSS) vulnerabilities in Adobe Acrobat Reader Plugin before 8.0.0, and possibly the plugin distributed with Adobe Reader 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2, for Mozilla Firefox, Microsoft Internet Explorer 6 SP1, Google Chrome, Opera 8.5.4 build 770, and Opera 9.10.8679 on Windows allow remote attackers to inject arbitrary JavaScript and conduct other attacks via a .pdf URL with a javascript: or res: URI with (1) FDF, (2) XML, and (3) XFDF AJAX parameters, or (4) an arbitrarily named name=URI anchor identifier, aka "Universal XSS (UXSS)."

Affected

38 ranges · showing 25

Vendor  Product          Version range  Fixed in
adobe   acrobat          <= 7.0.8
adobe   acrobat
adobe   acrobat
adobe   acrobat
adobe   acrobat
adobe   acrobat
adobe   acrobat
adobe   acrobat
adobe   acrobat
adobe   acrobat
adobe   acrobat_reader   <= 7.0.8
adobe   acrobat_reader
adobe   acrobat_reader
adobe   acrobat_reader
adobe   acrobat_reader
adobe   acrobat_reader
adobe   acrobat_reader
adobe   acrobat_reader
adobe   acrobat_reader
adobe   acrobat_reader
adobe   acrobat_reader
adobe   acrobat_reader
adobe   acrobat_reader
adobe   acrobat_reader
adobe   acrobat_reader

Detection & IOCs (extracted from sources)

url: javascript:
url: res:
  • Monitor HTTP requests for .pdf URLs containing 'javascript:' or 'res:' URI schemes in query parameters (FDF, XML, XFDF) or anchor identifiers, which are the attack vectors for this Universal XSS (UXSS) vulnerability.
  • The vulnerable component is the Adobe Acrobat Reader browser plugin (versions before 8.0.0, and Reader 7.x before 7.1.4, 8.x before 8.1.7, 9.x before 9.2). Detect presence of these plugin versions in browsers on Windows hosts.
  • Exploitation targets the Adobe Reader plugin across multiple browsers (Firefox, IE6 SP1, Chrome, Opera). Alert on PDF files loaded via browser plugin that contain FDF, XML, or XFDF AJAX parameters with javascript: or res: URI schemes in the URL fragment or query string.
  • The vulnerability affects Adobe Acrobat Reader Plugin on Windows only; Linux/other platform deployments of the plugin are not confirmed affected by this specific UXSS vector.
  • Red Hat noted no update was available for Adobe Reader on RHEL3 at the time of disclosure due to library dependency issues, meaning patching coverage may be incomplete in legacy environments.

CVSS provenance

nvd            v2.0  4.3  MEDIUM  AV:N/AC:M/Au:N/C:N/I:P/A:N
vendor_redhat        4.3  MEDIUM