Search for vulnerabilities
Vulnerability details: VCID-598p-4ww2-aaar
Vulnerability ID VCID-598p-4ww2-aaar
Aliases CVE-2003-0434
Summary Various PDF viewers including (1) Adobe Acrobat 5.06 and (2) Xpdf 1.01 allow remote attackers to execute arbitrary commands via shell metacharacters in an embedded hyperlink.
Status Published
Exploitability 2.0
Weighted Severity 8.0
Risk 10.0
Affected and Fixed Packages Package Details
Weaknesses (0)
There are no known CWE.
System Score Found at
epss 0.05524 https://api.first.org/data/v1/epss?cve=CVE-2003-0434
epss 0.05524 https://api.first.org/data/v1/epss?cve=CVE-2003-0434
epss 0.05524 https://api.first.org/data/v1/epss?cve=CVE-2003-0434
epss 0.05524 https://api.first.org/data/v1/epss?cve=CVE-2003-0434
epss 0.05524 https://api.first.org/data/v1/epss?cve=CVE-2003-0434
epss 0.05524 https://api.first.org/data/v1/epss?cve=CVE-2003-0434
epss 0.05524 https://api.first.org/data/v1/epss?cve=CVE-2003-0434
epss 0.05524 https://api.first.org/data/v1/epss?cve=CVE-2003-0434
epss 0.05524 https://api.first.org/data/v1/epss?cve=CVE-2003-0434
epss 0.05524 https://api.first.org/data/v1/epss?cve=CVE-2003-0434
epss 0.05524 https://api.first.org/data/v1/epss?cve=CVE-2003-0434
epss 0.05524 https://api.first.org/data/v1/epss?cve=CVE-2003-0434
epss 0.24599 https://api.first.org/data/v1/epss?cve=CVE-2003-0434
epss 0.24599 https://api.first.org/data/v1/epss?cve=CVE-2003-0434
epss 0.24599 https://api.first.org/data/v1/epss?cve=CVE-2003-0434
epss 0.24599 https://api.first.org/data/v1/epss?cve=CVE-2003-0434
epss 0.25515 https://api.first.org/data/v1/epss?cve=CVE-2003-0434
epss 0.25515 https://api.first.org/data/v1/epss?cve=CVE-2003-0434
epss 0.25515 https://api.first.org/data/v1/epss?cve=CVE-2003-0434
epss 0.25515 https://api.first.org/data/v1/epss?cve=CVE-2003-0434
epss 0.25515 https://api.first.org/data/v1/epss?cve=CVE-2003-0434
epss 0.25515 https://api.first.org/data/v1/epss?cve=CVE-2003-0434
epss 0.25515 https://api.first.org/data/v1/epss?cve=CVE-2003-0434
epss 0.25515 https://api.first.org/data/v1/epss?cve=CVE-2003-0434
epss 0.25515 https://api.first.org/data/v1/epss?cve=CVE-2003-0434
epss 0.25515 https://api.first.org/data/v1/epss?cve=CVE-2003-0434
epss 0.25515 https://api.first.org/data/v1/epss?cve=CVE-2003-0434
epss 0.25515 https://api.first.org/data/v1/epss?cve=CVE-2003-0434
epss 0.25515 https://api.first.org/data/v1/epss?cve=CVE-2003-0434
epss 0.25515 https://api.first.org/data/v1/epss?cve=CVE-2003-0434
epss 0.25515 https://api.first.org/data/v1/epss?cve=CVE-2003-0434
epss 0.25515 https://api.first.org/data/v1/epss?cve=CVE-2003-0434
epss 0.25515 https://api.first.org/data/v1/epss?cve=CVE-2003-0434
epss 0.25515 https://api.first.org/data/v1/epss?cve=CVE-2003-0434
epss 0.25515 https://api.first.org/data/v1/epss?cve=CVE-2003-0434
epss 0.25515 https://api.first.org/data/v1/epss?cve=CVE-2003-0434
epss 0.25515 https://api.first.org/data/v1/epss?cve=CVE-2003-0434
epss 0.25515 https://api.first.org/data/v1/epss?cve=CVE-2003-0434
epss 0.25515 https://api.first.org/data/v1/epss?cve=CVE-2003-0434
epss 0.25515 https://api.first.org/data/v1/epss?cve=CVE-2003-0434
epss 0.25515 https://api.first.org/data/v1/epss?cve=CVE-2003-0434
epss 0.25515 https://api.first.org/data/v1/epss?cve=CVE-2003-0434
epss 0.25515 https://api.first.org/data/v1/epss?cve=CVE-2003-0434
epss 0.25515 https://api.first.org/data/v1/epss?cve=CVE-2003-0434
epss 0.25515 https://api.first.org/data/v1/epss?cve=CVE-2003-0434
epss 0.25515 https://api.first.org/data/v1/epss?cve=CVE-2003-0434
epss 0.25515 https://api.first.org/data/v1/epss?cve=CVE-2003-0434
epss 0.25515 https://api.first.org/data/v1/epss?cve=CVE-2003-0434
epss 0.25515 https://api.first.org/data/v1/epss?cve=CVE-2003-0434
epss 0.25515 https://api.first.org/data/v1/epss?cve=CVE-2003-0434
epss 0.25515 https://api.first.org/data/v1/epss?cve=CVE-2003-0434
epss 0.25515 https://api.first.org/data/v1/epss?cve=CVE-2003-0434
epss 0.25515 https://api.first.org/data/v1/epss?cve=CVE-2003-0434
epss 0.25515 https://api.first.org/data/v1/epss?cve=CVE-2003-0434
epss 0.25515 https://api.first.org/data/v1/epss?cve=CVE-2003-0434
epss 0.25515 https://api.first.org/data/v1/epss?cve=CVE-2003-0434
epss 0.25515 https://api.first.org/data/v1/epss?cve=CVE-2003-0434
epss 0.25515 https://api.first.org/data/v1/epss?cve=CVE-2003-0434
epss 0.25515 https://api.first.org/data/v1/epss?cve=CVE-2003-0434
epss 0.25515 https://api.first.org/data/v1/epss?cve=CVE-2003-0434
epss 0.25515 https://api.first.org/data/v1/epss?cve=CVE-2003-0434
epss 0.25515 https://api.first.org/data/v1/epss?cve=CVE-2003-0434
epss 0.25515 https://api.first.org/data/v1/epss?cve=CVE-2003-0434
epss 0.25515 https://api.first.org/data/v1/epss?cve=CVE-2003-0434
epss 0.25515 https://api.first.org/data/v1/epss?cve=CVE-2003-0434
epss 0.25515 https://api.first.org/data/v1/epss?cve=CVE-2003-0434
epss 0.28533 https://api.first.org/data/v1/epss?cve=CVE-2003-0434
rhbs high https://bugzilla.redhat.com/show_bug.cgi?id=1617032
cvssv2 7.5 https://nvd.nist.gov/vuln/detail/CVE-2003-0434
Reference id Reference type URL
http://lists.grok.org.uk/pipermail/full-disclosure/2003-June/005719.html
http://marc.info/?l=bugtraq&m=105777963019186&w=2
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0434.json
https://api.first.org/data/v1/epss?cve=CVE-2003-0434
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0434
http://secunia.com/advisories/9037
http://secunia.com/advisories/9038
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A664
http://www.kb.cert.org/vuls/id/200132
http://www.mandriva.com/security/advisories?name=MDKSA-2003:071
http://www.redhat.com/support/errata/RHSA-2003-196.html
http://www.redhat.com/support/errata/RHSA-2003-197.html
1617032 https://bugzilla.redhat.com/show_bug.cgi?id=1617032
cpe:2.3:a:adobe:acrobat:5.0.6:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:adobe:acrobat:5.0.6:*:*:*:*:*:*:*
cpe:2.3:a:xpdf:xpdf:1.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xpdf:xpdf:1.1:*:*:*:*:*:*:*
cpe:2.3:o:mandrakesoft:mandrake_linux:9.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:mandrakesoft:mandrake_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:mandrakesoft:mandrake_linux:9.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:mandrakesoft:mandrake_linux:9.1:*:*:*:*:*:*:*
cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*
cpe:2.3:o:redhat:linux:7.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:linux:7.1:*:*:*:*:*:*:*
cpe:2.3:o:redhat:linux:7.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:linux:7.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:linux:7.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:linux:7.3:*:*:*:*:*:*:*
cpe:2.3:o:redhat:linux:8.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:linux:9.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium:*:*:*:*:*
CVE-2003-0434 https://nvd.nist.gov/vuln/detail/CVE-2003-0434
CVE-2003-0434;OSVDB-9293 Exploit https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/22771.txt
CVE-2003-0434;OSVDB-9293 Exploit https://www.securityfocus.com/bid/7912/info
RHSA-2003:196 https://access.redhat.com/errata/RHSA-2003:196
RHSA-2003:197 https://access.redhat.com/errata/RHSA-2003:197
RHSA-2003:216 https://access.redhat.com/errata/RHSA-2003:216
Data source Exploit-DB
Date added June 13, 2003
Description Adobe Acrobat Reader (UNIX) 5.0 6 / Xpdf 0.9x Hyperlinks - Arbitrary Command Execution
Ransomware campaign use Known
Source publication date June 13, 2003
Exploit type remote
Platform linux
Source update date Nov. 17, 2012
Source URL https://www.securityfocus.com/bid/7912/info
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2003-0434
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.93419
EPSS Score 0.05524
Published At Nov. 1, 2024, midnight
Date Actor Action Source VulnerableCode Version
There are no relevant records.