High severity7.5NVD Advisory· Published Jun 15, 2005· Updated Apr 16, 2026

CVE-2005-1306

Description

The Adobe Reader control in Adobe Reader and Acrobat 7.0 and 7.0.1 allows remote attackers to determine the existence of files via Javascript containing XML script, aka the "XML External Entity vulnerability."

Affected products

Adobe Inc./Acrobat2 versions
cpe:2.3:a:adobe:acrobat:7.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:adobe:acrobat:7.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:acrobat:7.0.1:*:*:*:*:*:*:*
Adobe Inc./Acrobat Reader2 versions
cpe:2.3:a:adobe:acrobat_reader:7.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:adobe:acrobat_reader:7.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:acrobat_reader:7.0.1:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.adobe.com/support/techdocs/331710.htmlnvdBroken LinkPatchVendor Advisory
www.securityfocus.com/bid/13962nvdBroken LinkExploitPatchThird Party AdvisoryVDB EntryVendor Advisory

News mentions

No linked articles in our index yet.

cvss	0.488
epss	0.013
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000