CVE-2007-0047 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2007-0047 Interim 1 5 2023-12-09T02:16:10Z current 2021-05-30T12:37:38Z 2023-12-09T02:16:10Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2007-0047 CRLF injection vulnerability in Adobe Acrobat Reader Plugin before 8.0.0, when used with the Microsoft.XMLHTTP ActiveX object in Internet Explorer, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the javascript: URI in the (1) FDF, (2) XML, or (3) XFDF AJAX request parameters. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/AQ73S2WHF76PZTUSVS6QTLS37WZUNBLH/#AQ73S2WHF76PZTUSVS6QTLS37WZUNBLH E-Mail link for SUSE-SA:2007:011 https://www.suse.com/support/security/rating/ SUSE Security Ratings CRLF injection vulnerability in Adobe Acrobat Reader Plugin before 8.0.0, when used with the Microsoft.XMLHTTP ActiveX object in Internet Explorer, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the javascript: URI in the (1) FDF, (2) XML, or (3) XFDF AJAX request parameters. CVE-2007-0047 moderate 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P