CVE-2007-0048

CVE Database · CVE-2007-0048

CVE-2007-0048

· N/AModified

CVSS v3.1

N/A

EPSS

31.51%

Published

Jan 3, 2007

Modified

Apr 22, 2026

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Adobe Acrobat Reader Plugin before 8.0.0, and possibly the plugin distributed with Adobe Reader 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2, when used with Internet Explorer, Google Chrome, or Opera, allows remote attackers to cause a denial of service (memory consumption) via a long sequence of # (hash) characters appended to a PDF URL, related to a "cross-site scripting issue."

Affected Products (36)

adobe · acrobatvulnerable

· acrobat

References (20)

http://events.ccc.de/congress/2006/Fahrplan/attachments/1158-Subverting_Ajax.pdf

http://googlechromereleases.blogspot.com/2009/01/stable-beta-update-yahoo-mail-and.html

http://lists.suse.com/archive/suse-security-announce/2007-Jan/0012.html

http://osvdb.org/31596

http://secunia.com/advisories/23812

http://secunia.com/advisories/23882

http://secunia.com/advisories/33754

http://security.gentoo.org/glsa/glsa-200701-16.xml

http://securityreason.com/securityalert/2090

http://securitytracker.com/id?1017469

http://securitytracker.com/id?1023007

http://www.adobe.com/support/security/bulletins/apsb07-01.html

KEV Catalog EPSS Scores Vendors All CVEs