[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous

From: Amit Klein <aksecurity@xxxxxxxxx>
Subject: Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous
Date: Thu, 04 Jan 2007 23:48:18 +0200

Billy Hoffman wrote:

I think I get what Skarvin is saying. Hopeful we all know that fragments are not sent with the request, so you cannot stop yourself from serving a PDF that’s about to execute JS code in a fragment. However, social sites and forum sites can scan their site to see if any user supplied links point to a PDF with a malicious looking fragment. At the very least they can make sure they are not being an accomplice to an attack. Of course, some people server PDF’s through file portals (file.php?file=foo.pdf) or use other things that makes it hard to see if a hyperlink serves a PDF or not.

Like obfuscated client side (JS) code, tinyurl, and the list goes on...

-Amit

---------------------------------------------------------------------------- The Web Security Mailing List: http://www.webappsec.org/lists/websecurity/

The Web Security Mailing List Archives: http://www.webappsec.org/lists/websecurity/archive/ http://www.webappsec.org/rss/websecurity.rss [RSS Feed]

References:
- RE: [WEB SECURITY] Universal XSS with PDF files: highly dangerous
  - From: Billy Hoffman

Prev by Date: Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous
Next by Date: RE: [WEB SECURITY] Universal XSS with PDF files: highly dangerous
Previous by thread: Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous
Next by thread: RE: [WEB SECURITY] Universal XSS with PDF files: highly dangerous
Index(es):
- Date
- Thread

Brought to you by http://www.webappsec.org
Search this site