CVE-2005-1347

CVE-2005-1347 is a low-severity vulnerability in Adobe Acrobat Reader with a CVSS 2.0 base score of 2.6. It is not currently listed as actively exploited by CISA, and its EPSS exploit-prediction score is low.

Key facts

Description

** UNVERIFIABLE ** NOTE: this issue describes a problem that can not be independently verified as of 20050421. Adobe Acrobat reader (AcroRd32.exe) 6.0 and earlier allows remote attackers to cause a denial of service ("Invalid-ID-Handle-Error" error) and modify memory beginning at a particular address, possibly allowing the execution of arbitrary code, via a crafted PDF file. NOTE: the vendor has stated that the reporter refused to provide sufficient details to confirm the issue. In addition, due to the lack of details in the original advisory, an independent verification is not possible. Finally, the reliability of the original reporter is unknown. This item has only been assigned a CVE identifier for tracking purposes, and to serve as a concrete example of the newly defined UNVERIFIABLE and PRERELEASE content decisions in CVE, which must be discussed by the Editorial Board. Without additional details or independent verification by reliable sources, it is highly likely that this item will be REJECTED.

Frequently asked questions

What is CVE-2005-1347?
** UNVERIFIABLE ** NOTE: this issue describes a problem that can not be independently verified as of 20050421. Adobe Acrobat reader (AcroRd32.exe) 6.0 and earlier allows remote attackers to cause a denial of service ("Invalid-ID-Handle-Error" error) and modify memory beginning at a particular address, possibly allowing the execution of arbitrary code, via a crafted PDF file. NOTE: the vendor has stated that the reporter refused to provide sufficient details to confirm the issue. In addition, due to the lack of details in the original advisory, an independent verification is not possible. Finally, the reliability of the original reporter is unknown. This item has only been assigned a CVE identifier for tracking purposes, and to serve as a concrete example of the newly defined UNVERIFIABLE and PRERELEASE content decisions in CVE, which must be discussed by the Editorial Board. Without additional details or independent verification by reliable sources, it is highly likely that this item will be REJECTED.
How severe is CVE-2005-1347?
CVE-2005-1347 has a CVSS 2.0 base score of 2.6, rated low severity.
Is CVE-2005-1347 being actively exploited?
It is not currently listed in CISA's KEV catalog. Its EPSS exploit-prediction score is 5% (92nd percentile), an estimate of the probability of exploitation in the next 30 days.
What products are affected by CVE-2005-1347?
CVE-2005-1347 primarily affects Adobe Acrobat Reader. In total, 3 product configurations (CPEs) are listed as vulnerable; see the affected-products list for the exact versions.
How do I fix CVE-2005-1347?
Review the linked vendor and NVD advisories for patched versions and mitigations, then upgrade or apply the recommended workaround.
When was CVE-2005-1347 published?
CVE-2005-1347 was published on 2005-05-02 and last updated on 2026-06-16.

References

Affected products (3)

More vulnerabilities in Adobe Acrobat Reader

All CVEs affecting Adobe Acrobat Reader →