Adobe Acrobat Reader Plugin <= 7.0.x (acroreader) XSS Vulnerability

2007-05-16 作者:bitsCN整理来源:中国网管联盟点评 投稿 收藏

# Stefano Di Paola
# http://www.wisec.it/

From Secunia:
Input passed to a hosted PDF file is not properly sanitised by the browser plug-in
before being returned to users. This can be exploited to execute arbitrary script code in
a user's browser session in context of an affected site.

Example:
- http://[host]/[filename].pdf#[some text]=javascript:

顶一下

TAGs： to browser in session context user code exploited

上一篇：CA BrightStor ARCserve (tapeeng.exe) Remote Buffer Overflow Exploit 下一篇：Apple Quicktime <= 7.1.3 (HREFTrack) Cross-Zone Scripting Exploit

相关文章列表

Adobe Acrobat Reader Plugin <= 7.0.x (acroreader) XSS Vulnerability 评论：

评论加载中…

评论:请自觉遵守互联网相关政策法规，评论不得超过250字。

验证码：注册用户

本类热门排行：

1.Scripteen Free Image Hosting Script 1.
2.PPMate PPMedia Class ActiveX Control B
3.Apache mod_jk 1.2.19 Remote Buffer Ove
4.Microsoft Access (Snapview.ocx 10.0.55
5.Cisco IOS 12.3(18) FTP Server Remote E
6.Trend Micro OfficeScan ObjRemoveCtrl A
7.Windows Media Encoder wmex.dll ActiveX
8.Linux Kernel <= 2.6.20 with DCCP Su
9.NaviCOPA Web Server 2.01 Remote Buffer
10.Simple Machines Forum <= 1.1.5 Admi

Adobe Acrobat Reader Plugin <= 7.0.x (acroreader) XSS Vulnerability

2007-05-16 作者:bitsCN整理 来源:中国网管联盟 点评 投稿 收藏

2007-05-16 作者:bitsCN整理来源:中国网管联盟点评投稿收藏