CVE-2007-1199
published 2007-03-02CVE-2007-1199: Adobe Reader and Acrobat Trial allow remote attackers to read arbitrary files via a file:// URI in a PDF document, as demonstrated with >, a different issue…
PriorityP430medium4.3CVSS 2.0
AVNACMAuNCPINAN
EXPLOIT
EPSS
10.39%
95.2th percentile
Adobe Reader and Acrobat Trial allow remote attackers to read arbitrary files via a file:// URI in a PDF document, as demonstrated with >, a different issue than CVE-2007-0045.
Affected
26 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| adobe | acrobat_reader | — | — |
| adobe | acrobat_reader | — | — |
| adobe | acrobat_reader | — | — |
| adobe | acrobat_reader | — | — |
| adobe | acrobat_reader | — | — |
| adobe | acrobat_reader | — | — |
| adobe | acrobat_reader | — | — |
| adobe | acrobat_reader | — | — |
| adobe | acrobat_reader | — | — |
| adobe | acrobat_reader | — | — |
| adobe | acrobat_reader | — | — |
| adobe | acrobat_reader | — | — |
| adobe | acrobat_reader | — | — |
| adobe | acrobat_reader | — | — |
| adobe | acrobat_reader | — | — |
| adobe | acrobat_reader | — | — |
| adobe | acrobat_reader | — | — |
| adobe | acrobat_reader | — | — |
| adobe | acrobat_reader | — | — |
| adobe | acrobat_reader | — | — |
| adobe | acrobat_reader | — | — |
| adobe | acrobat_reader | — | — |
| adobe | acrobat_reader | — | — |
| adobe | acrobat_reader | — | — |
| adobe | acrobat_reader | — | — |
CVSS provenance
nvdv2.04.3MEDIUMAV:N/AC:M/Au:N/C:P/I:N/A:N
vendor_redhat4.3MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Red Hat
file: // URL execution
vendor_redhat·2007-02-28·CVSS 4.3
CVE-2007-1199 [MEDIUM] file: // URL execution
file: // URL execution
Adobe Reader and Acrobat Trial allow remote attackers to read arbitrary files via a file:// URI in a PDF document, as demonstrated with >, a different issue than CVE-2007-0045.
Statement: The Red Hat Product Security has rated this issue as having low security impact, a future update may address this flaw.
GHSA
GHSA-26rv-g5pr-54w8: Adobe Reader and Acrobat Trial allow remote attackers to read arbitrary files via a file:// URI in a PDF document, as demonstrated with >, a different
ghsa_unreviewed·2022-05-01·CVSS 4.3
CVE-2007-1199 [MEDIUM] GHSA-26rv-g5pr-54w8: Adobe Reader and Acrobat Trial allow remote attackers to read arbitrary files via a file:// URI in a PDF document, as demonstrated with >, a different
Adobe Reader and Acrobat Trial allow remote attackers to read arbitrary files via a file:// URI in a PDF document, as demonstrated with >, a different issue than CVE-2007-0045.
No detection rules found.
http://osvdb.org/33897http://secunia.com/advisories/24408http://secunia.com/advisories/29205http://security.gentoo.org/glsa/glsa-200803-01.xmlhttp://www.gnucitizen.org/projects/pdf-strikes-back/http://www.securityfocus.com/bid/22753https://exchange.xforce.ibmcloud.com/vulnerabilities/32815http://osvdb.org/33897http://secunia.com/advisories/24408http://secunia.com/advisories/29205http://security.gentoo.org/glsa/glsa-200803-01.xmlhttp://www.gnucitizen.org/projects/pdf-strikes-back/http://www.securityfocus.com/bid/22753https://exchange.xforce.ibmcloud.com/vulnerabilities/32815
2007-03-02
Published