CVE-2007-5020
published 2007-09-21

Priority: P2 · 68 · critical · 9.3 (CVSS 2.0)
Vector: AV:N / AC:M / Au:N / C:C / I:C / A:C
ITW · VulnCheck KEV · Exploited in the wild
EPSS: 20.97% (97.2th percentile)

Unspecified vulnerability in Adobe Acrobat and Reader 8.1 on Windows allows remote attackers to execute arbitrary code via a crafted PDF file, related to the mailto: option and Internet Explorer 7 on Windows XP. NOTE: this information is based upon a vague pre-advisory by a reliable researcher.

Affected

2 ranges
| Vendor | Product | Version range | Fixed in |
|--------|---------|---------------|----------|
| adobe | acrobat | | |
| adobe | acrobat_reader | | |

Detection & IOCs (extracted from sources)

other: mailto:
  • Crafted PDF file exploiting the mailto: option in Adobe Acrobat/Reader 8.1 on Windows, specifically when opened with Internet Explorer 7 on Windows XP, can lead to arbitrary code execution.
  • A separate but related attack vector involves PDF files containing file:// URLs that are silently opened without user interaction; monitor for PDF-triggered file:// URL navigations.
  • This vulnerability is Windows-platform specific and does not affect Adobe Acrobat Reader on Linux/UNIX platforms.
  • The exploit requires the specific combination of Adobe Acrobat/Reader 8.1, Internet Explorer 7, and Windows XP to be triggered as described.
  • Adobe confirmed the fix was included in Reader 9.4.1 and the 8.x release line, but the exact version that introduced the fix was not pinpointed by Adobe.

CVSS provenance

nvd · v2.0 · 9.3 · CRITICAL · AV:N/AC:M/Au:N/C:C/I:C/A:C
vulncheck · 9.3 · CRITICAL
vendor_redhat · 9.3 · CRITICAL