CVE-2007-1377

MEDIUM Year: 2007
CVSS v2 Score
5.0
Medium
Weakness Type
CWE-400
View all →

Vulnerability Description

AcroPDF.DLL in Adobe Reader 8.0, when accessed from Mozilla Firefox, Netscape, or Opera, allows remote attackers to cause a denial of service (unspecified resource consumption) via a .pdf URL with an anchor identifier that begins with search= followed by many %n sequences, a different vulnerability than CVE-2006-6027 and CVE-2006-6236.

Related Vulnerabilities

CVE-2013-20004

CRITICAL
CVSS:9.8(Critical)

A flaw was found in StarWind iSCSI target. StarWind service does not limit client connections and allocates memory on each connection attempt. An attacker could create a denial of service state by try...

CWE-4002013

CVE-2015-4412

CRITICAL
CVSS:9.8(Critical)

BSON injection vulnerability in the legal? function in BSON (bson-ruby) gem before 3.0.4 for Ruby allows remote attackers to cause a denial of service (resource consumption) or inject arbitrary data v...

CWE-4002015

CVE-2017-1000378

CRITICAL
CVSS:9.8(Critical)

The NetBSD qsort() function is recursive, and not randomized, an attacker can construct a pathological input array of N elements that causes qsort() to deterministically recurse N/4 times. This allows...

CWE-4002017

CVE-2017-9104

CRITICAL
CVSS:9.8(Critical)

An issue was discovered in adns before 1.5.2. It hangs, eating CPU, if a compression pointer loop is encountered.

CWE-4002017

CVE-2017-9119

CRITICAL
CVSS:9.8(Critical)

The i_zval_ptr_dtor function in Zend/zend_variables.h in PHP 7.1.5 allows attackers to cause a denial of service (memory consumption and application crash) or possibly have unspecified other impact by...

CWE-4002017

CVE-2018-11936

CRITICAL
CVSS:9.8(Critical)

Index of array is processed in a wrong way inside a while loop and result in invalid index (-1 or something else) leads to out of bound memory access. in Snapdragon Auto, Snapdragon Connectivity, Snap...

CWE-4002018