Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The JavaScript for Acrobat API in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 does not properly implement the (1) Privileged Context and (2) Safe Path restrictions for unspecified JavaScript methods, which allows remote attackers to create arbitrary files, and possibly execute arbitrary code, via the cPath parameter in a crafted PDF file. NOTE: some of these details are obtained from third party information.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Adobe Reader和Acrobat 特制PDF文件 任意代码执行漏洞
Vulnerability Description
Adobe Reader和Acrobat 7.1.4之前的7.x,8.1.7之前的8.x和9.2之前的9.x版本中的Acrobat API JavaScript没有为未明的JavaScript方式正确的执行(1)特权环境和(2)安全路径限制,这使得运程攻击者可以借助一个特制的PDF文件中的c路径参数,创建任意文件和可能执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A