CVE-2003-0434
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2003-0434
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Various PDF viewers including (1) Adobe Acrobat 5.06 and (2) Xpdf 1.01 allow remote attackers to execute arbitrary commands via shell metacharacters in an embedded hyperlink.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
多家PDF厂商超链接任意命令执行漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Acrobat Reader/Xpdf是可以用于查看PDF文件的处理程序。 Acrobat Reader/Xpdf没有正确过滤超链接中的内容,远程攻击者可以利用这个漏洞诱使用户打开恶意PDF文件,导致包含的恶意命令以用户进程权限执行。 PDF文件允许包含超链接信息,由于PDF在处理超链接时没有过滤链接内容,并且PDF查看程序通过'sh -c'调用来处理请求,因此,攻击者构建特殊的恶意超链接,可导致嵌入的命令直接传递给SHELL执行,成功利用此漏洞,命令可能以用户进程权限执行。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2003-0434
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2003-0434
请登录查看更多情报信息。
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A664vdb-entrysignaturex_refsource_OVAL
- http://lists.grok.org.uk/pipermail/full-disclosure/2003-June/005719.htmlmailing-listx_refsource_FULLDISC
- https://nvd.nist.gov/vuln/detail/CVE-2003-0434
Same Patch Batch · n/a · 2003-06-18 · 15 CVEs total
| CVE-2001-1409 | XFree86 Dexconf Dev/Dri目录权限不安全漏洞 | |
| CVE-2003-0359 | NetHack / JNetHack不正确权限漏洞 | |
| CVE-2003-0366 | Lyskom服务程序未授权用户远程拒绝服务攻击漏洞 | |
| CVE-2003-0379 | Apple AFP Server任意文件破坏漏洞 | |
| CVE-2003-0388 | Linux-PAM getlogin()可被欺骗漏洞 | |
| CVE-2003-0418 | Linux内核IP堆栈错误响应漏洞 | |
| CVE-2003-0419 | SMC无线路由器畸形PPTP包远程拒绝服务攻击漏洞 | |
| CVE-2003-0428 | Ethereal DCERPC解析器内存分配漏洞 | |
| CVE-2003-0429 | Ethereal OSI解析器缓冲区溢出漏洞 | |
| CVE-2003-0430 | Ethereal SPNEGO解析器远程拒绝服务攻击漏洞 | |
| CVE-2003-0431 | Ethereal TVB_GET_NSTRINGZ0()内存处理漏洞 | |
| CVE-2003-0432 | Ethereal多个解析器字符串处理漏洞 | |
| CVE-2003-0433 | Gnocatan Server多个远程缓冲区溢出漏洞 | |
| CVE-2003-0435 | Typespeed远程内存破坏漏洞 |
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-8276
bettercap MySQL Server mysql_server.go integer coercion - CVE-2026-8275
bettercap zerogod IPP Service zerogod_ipp_primitives.go ippR - CVE-2026-8270
Open5GS SMF ogs_nas_parse_qos_rules denial of service - CVE-2026-8269
Open5GS SMF smf_nsmf_handle_create_sm_context denial of serv - CVE-2026-8268
Open5GS SMF OpenAPI_list_create denial of service
V. Comments for CVE-2003-0434
No comments yet