CVE-2003-0434
7.5
CVSS SCORE
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Description
Various PDF viewers including (1) Adobe Acrobat 5.06 and (2) Xpdf 1.01 allow remote attackers to execute arbitrary commands via shell metacharacters in an embedded hyperlink.
CVSS Vector Details
Attack Vector
Network
Attack Complexity
Low
Confidentiality
P
Integrity
P
Availability
P
Affected Software Configurations
- a adobe acrobat 5.0.6 * * * * * * *
- a xpdf xpdf 1.1 * * * * * * *
- o mandrakesoft mandrake_linux 9.0 * * * * * * *
- o mandrakesoft mandrake_linux 9.1 * * * * * * *
- o mandrakesoft mandrake_linux_corporate_server 2.1 * * * * * * *
- o redhat enterprise_linux 2.1 * advanced_server * * * * *
- o redhat enterprise_linux 2.1 * enterprise_server * * * * *
- o redhat enterprise_linux 2.1 * workstation * * * * *
- o redhat linux 7.1 * * * * * * *
- o redhat linux 7.2 * * * * * * *
Weaknesses (CWE)
- NVD-CWE-Other
References & External Links
- http://lists.grok.org.uk/pipermail/full-disclosure/2003-June/005719.html
- http://marc.info/?l=bugtraq&m=105777963019186&w=2
- http://secunia.com/advisories/9037
- http://secunia.com/advisories/9038
- http://www.kb.cert.org/vuls/id/200132
- http://www.mandriva.com/security/advisories?name=MDKSA-2003:071
- http://www.redhat.com/support/errata/RHSA-2003-196.html
- http://www.redhat.com/support/errata/RHSA-2003-197.html
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A664
- http://lists.grok.org.uk/pipermail/full-disclosure/2003-June/005719.html
- http://marc.info/?l=bugtraq&m=105777963019186&w=2
- http://secunia.com/advisories/9037
- http://secunia.com/advisories/9038
- http://www.kb.cert.org/vuls/id/200132
- http://www.mandriva.com/security/advisories?name=MDKSA-2003:071
- http://www.redhat.com/support/errata/RHSA-2003-196.html
- http://www.redhat.com/support/errata/RHSA-2003-197.html
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A664