[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous

From: "Prasad Shenoy" <prasad.shenoy@xxxxxxxxx>
Subject: Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous
Date: Wed, 3 Jan 2007 11:36:57 -0500

------=_Part_123434_27090934.1167842217352
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

Correction: IE 6 SP 1 with version of Acro Reader older than 8.0

Thanks again.

On 1/3/07, Prasad Shenoy <prasad.shenoy@gmail.com> wrote:
>
> It works with IE 6 SP 2 for versions of Acro Reader older than 8.0
>
> Thanks.
>
> On 1/3/07, Richard Moore <rich@westpoint.ltd.uk > wrote:
> >
> >
> > Amit Klein wrote:
> > > pdp (architect) wrote:
> > >
> > >> I will be very quick and just point to links where you can read about
> >
> > >> this issue.
> > >>
> > >> It seams that PDF documents can execute JavaScript code for no
> > >> apparent reason by using the following template:
> > >>
> > >>
> > >>
> > http://path/to/pdf/file.pdf#whatever_name_you_want=javascript:your_code_here
> >
> > Works on:
> >
> > Firefox 2.0.0.1 win32
> > Firefox 1.5.0.8 win32
> > Opera 8.5.4 build 770 win32
> > Opera 9.10.8679 win32
> >
> > But doesn't work here on IE6 or IE7.
> >
> > Cheers
> >
> > Rich.
> > --
> > Richard Moore, Principal Software Engineer,
> > Westpoint Ltd,
> > Albion Wharf, 19 Albion Street, Manchester, M1 5LN, England
> > Tel: +44 161 237 1028
> > Fax: +44 161 237 1031
> >
> >
> > ----------------------------------------------------------------------------
> > The Web Security Mailing List:
> > http://www.webappsec.org/lists/websecurity/
> >
> > The Web Security Mailing List Archives:
> > http://www.webappsec.org/lists/websecurity/archive/
> > http://www.webappsec.org/rss/websecurity.rss [RSS Feed]
> >
> >
>
>
> --
> Prasad
>



-- 
Prasad

------=_Part_123434_27090934.1167842217352
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

Correction: IE 6 SP 1 with version of Acro Reader older than 8.0<br><br>Thanks again.<br><br><div><span class="gmail_quote">On 1/3/07, <b class="gmail_sendername">Prasad Shenoy</b> &lt;<a href="mailto:prasad.shenoy@gmail.com";>
prasad.shenoy@gmail.com</a>&gt; wrote:</span><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">It works with IE 6 SP 2 for versions of Acro Reader older than 
8.0<br><br>Thanks.<div><span class="e" id="q_10fe8d0e6c4e1207_1"><br><br><div><span class="gmail_quote">On 1/3/07, <b class="gmail_sendername">Richard Moore</b> &lt;<a href="mailto:rich@westpoint.ltd.uk"; target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">
rich@westpoint.ltd.uk
</a>&gt; wrote:</span><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;"><br>Amit Klein wrote:<br>&gt; pdp (architect) wrote:<br>&gt;<br>&gt;&gt; I will be very quick and just point to links where you can read about
<br>&gt;&gt; this issue.<br>&gt;&gt;<br>&gt;&gt; It seams that PDF documents can execute JavaScript code for no<br>&gt;&gt; apparent reason by using the following template:<br>&gt;&gt;<br>&gt;&gt;<br>&gt;&gt; <a href="http://path/to/pdf/file.pdf#whatever_name_you_want=javascript:your_code_here"; target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">

http://path/to/pdf/file.pdf#whatever_name_you_want=javascript:your_code_here</a><br><br>Works on:<br><br>Firefox <a href="http://2.0.0.1"; target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">2.0.0.1</a>
 win32<br>Firefox <a href="http://1.5.0.8"; target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">1.5.0.8</a> win32<br>Opera 8.5.4
 build 770 win32<br>Opera 9.10.8679 win32<br><br>But doesn&#39;t work here on IE6 or IE7.<br><br>Cheers<br><br>Rich.<br>--<br>Richard Moore, Principal Software Engineer,<br>Westpoint Ltd,<br>Albion Wharf, 19 Albion Street, Manchester, M1 5LN, England
<br>Tel: +44 161 237 1028<br>Fax: +44 161 237 1031<br><br>----------------------------------------------------------------------------<br>The Web Security Mailing List:<br><a href="http://www.webappsec.org/lists/websecurity/"; target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">

http://www.webappsec.org/lists/websecurity/</a><br><br>The Web Security Mailing List Archives:<br><a href="http://www.webappsec.org/lists/websecurity/archive/"; target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">
http://www.webappsec.org/lists/websecurity/archive/</a><br><a href="http://www.webappsec.org/rss/websecurity.rss"; target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">
http://www.webappsec.org/rss/websecurity.rss</a> [RSS Feed]<br><br></blockquote></div><br><br clear="all"><br></span></div>-- <br><span class="sg">Prasad<br>

</span></blockquote></div><br><br clear="all"><br>-- <br>Prasad<br>

------=_Part_123434_27090934.1167842217352--

References:
- [WEB SECURITY] Universal XSS with PDF files: highly dangerous
  - From: pdp (architect)
- Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous
  - From: Amit Klein
- Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous
  - From: Richard Moore
- Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous
  - From: Prasad Shenoy

Prev by Date: Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous
Next by Date: [WEB SECURITY] Re: Universal XSS with PDF files: highly dangerous
Previous by thread: Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous
Next by thread: Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous
Index(es):
- Date
- Thread

Brought to you by http://www.webappsec.org
Search this site