CRLF injection vulnerability in Adobe Acrobat Reader Plugin before 8.0.0, when used with the Microsoft.XMLHTTP ActiveX object in Internet Explorer, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the javascript: URI in the (1) FDF, (2) XML, or (3) XFDF AJAX request parameters.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2007-01-03T20:00:00

Updated: 2024-08-07T12:03:36.988Z

Reserved: 2007-01-03T00:00:00

Link: CVE-2007-0047

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2007-01-03T21:28:00.000

Modified: 2024-11-21T00:24:50.607

Link: CVE-2007-0047

cve-icon Redhat

No data.