CVE-2005-0918

The NPSVG3.dll ActiveX control for Adobe SVG Viewer 3.02 and earlier, when running on Internet Explorer, allows remote attackers to determine the existence of arbitrary files by setting the src property to the target filename and using Javascript to determine if the web page immediately stops loading, which indicates whether the file exists or not.

CVSS v2.0 5.0 MEDIUM

5.0^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
http://www.hyperdose.com/advisories/H2005-07.txt	Exploit Patch
http://www.adobe.com/support/techdocs/323585.html	Patch
http://secunia.com/advisories/15255	Vendor Advisory
http://securitytracker.com/id?1013890

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:adobe:svg_viewer:2.0:::::::*
	cpe:2.3:a:adobe:svg_viewer:3.01:::::::*
	cpe:2.3:a:adobe:svg_viewer:1.0:::::::*
	cpe:2.3:a:adobe:svg_viewer:3.0:::::::*
	cpe:2.3:a:adobe:svg_viewer:3.02:::::::*

Information

Published : 2005-05-05 04:00

Updated : 2008-09-05 20:47

NVD link : CVE-2005-0918

Mitre link : CVE-2005-0918

JSON object : View

Products Affected

adobe

svg_viewer

CWE

NVD-CWE-Other

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://www.hyperdose.com/advisories/H2005-07.txt", "name": "http://www.hyperdose.com/advisories/H2005-07.txt", "tags": ["Exploit", "Patch"], "refsource": "MISC"}, {"url": "http://www.adobe.com/support/techdocs/323585.html", "name": "http://www.adobe.com/support/techdocs/323585.html", "tags": ["Patch"], "refsource": "CONFIRM"}, {"url": "http://secunia.com/advisories/15255", "name": "15255", "tags": ["Vendor Advisory"], "refsource": "SECUNIA"}, {"url": "http://securitytracker.com/id?1013890", "name": "1013890", "tags": [], "refsource": "SECTRACK"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "The NPSVG3.dll ActiveX control for Adobe SVG Viewer 3.02 and earlier, when running on Internet Explorer, allows remote attackers to determine the existence of arbitrary files by setting the src property to the target filename and using Javascript to determine if the web page immediately stops loading, which indicates whether the file exists or not."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2005-0918", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "severity": "MEDIUM", "impactScore": 2.9, "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2005-05-05T04:00Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:adobe:svg_viewer:2.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:adobe:svg_viewer:3.01:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:adobe:svg_viewer:1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:adobe:svg_viewer:3.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:adobe:svg_viewer:3.02:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2008-09-05T20:47Z"}