CVE-2005-1306

{"id": "CVE-2005-1306", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2005-06-15T04:00:00.000", "references": [{"url": "http://www.adobe.com/support/techdocs/331710.html", "tags": ["Broken Link", "Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/13962", "tags": ["Broken Link", "Exploit", "Patch", "Third Party Advisory", "VDB Entry", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.adobe.com/support/techdocs/331710.html", "tags": ["Broken Link", "Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/13962", "tags": ["Broken Link", "Exploit", "Patch", "Third Party Advisory", "VDB Entry", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-611"}]}], "descriptions": [{"lang": "en", "value": "The Adobe Reader control in Adobe Reader and Acrobat 7.0 and 7.0.1 allows remote attackers to determine the existence of files via Javascript containing XML script, aka the \"XML External Entity vulnerability.\""}], "lastModified": "2024-11-20T23:57:02.663", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:adobe:acrobat:7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FECFC942-4F04-420C-A9B4-AE0C0590317F"}, {"criteria": "cpe:2.3:a:adobe:acrobat:7.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F81817F2-1E3A-4A52-88F1-6B614A2A1F0A"}, {"criteria": "cpe:2.3:a:adobe:acrobat_reader:7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6E2D0266-6954-4DBA-9EEE-8BF73B39DD61"}, {"criteria": "cpe:2.3:a:adobe:acrobat_reader:7.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "24262AFA-2EC8-479E-8922-36DB4243E404"}], "operator": "OR"}]}], "vendorComments": [{"comment": "Not vulnerable. Adobe told us this issue did not affect the Linux version of Adobe Reader.", "lastModified": "2006-08-30T00:00:00", "organization": "Red Hat"}], "sourceIdentifier": "cve@mitre.org"}