Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2007-0047
Description:CRLF injection vulnerability in Adobe Acrobat Reader Plugin before 8.0.0, when used with the Microsoft.XMLHTTP ActiveX object in Internet Explorer, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the javascript: URI in the (1) FDF, (2) XML, or (3) XFDF AJAX request parameters.
Test IDs: 1.3.6.1.4.1.25623.1.0.58043  
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2007-0047
http://events.ccc.de/congress/2006/Fahrplan/attachments/1158-Subverting_Ajax.pdf
http://securitytracker.com/id?1017469
http://secunia.com/advisories/23882
SuSE Security Announcement: SUSE-SA:2007:011 (Google Search)
http://lists.suse.com/archive/suse-security-announce/2007-Jan/0012.html
http://www.vupen.com/english/advisories/2007/0032
XForce ISS Database: adobe-acrobat-xmlhttp-response-splitting(31291)
https://exchange.xforce.ibmcloud.com/vulnerabilities/31291




© 1998-2024 E-Soft Inc. All rights reserved.