[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[WEB SECURITY] Re: RE: [Full-disclosure] Universal XSS with PDF files: highly dangerous

From: Juha-Matti Laurio <juha-matti.laurio@xxxxxxxx>
Subject: [WEB SECURITY] Re: RE: [Full-disclosure] Universal XSS with PDF files: highly dangerous
Date: Thu, 4 Jan 2007 16:02:05 +0200 (EET)

Additionally, the public PoC doesn't work on Preview version 3.0.8 (409) on OS X 10.4.8.

- Juha-Matti

Larry Seltzer <Larry@xxxxxxxxxxxxxxxx> wrote:

>>"According to public reports, this vulnerability is addressed in Adobe Acrobat Reader 8.0."
I've actually tested it. On Reader 8 Acrobat you get a messagebox that
says "This operation is not allowed"
Larry Seltzer eWEEK.com Security Center Editor http://security.eweek.com/ http://blog.eweek.com/blogs/larry%5Fseltzer/ Contributing Editor, PC Magazine larryseltzer@xxxxxxxxxxxxx

---------------------------------------------------------------------------- The Web Security Mailing List: http://www.webappsec.org/lists/websecurity/

The Web Security Mailing List Archives: http://www.webappsec.org/lists/websecurity/archive/ http://www.webappsec.org/rss/websecurity.rss [RSS Feed]

Follow-Ups:
- [WEB SECURITY] Re: [Full-disclosure] Universal XSS with PDF files: highly dangerous
  - From: T Biehn

Prev by Date: Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous
Next by Date: [WEB SECURITY] Re: [Full-disclosure] Universal XSS with PDF files: highly dangerous
Previous by thread: [WEB SECURITY] Re: [Full-disclosure] Universal XSS with PDF files: highly dangerous
Next by thread: [WEB SECURITY] Re: [Full-disclosure] Universal XSS with PDF files: highly dangerous
Index(es):
- Date
- Thread

Brought to you by http://www.webappsec.org
Search this site