[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[WEB SECURITY] Re: Universal PDF XSS After Party

From: Maik Mueller <maik.mueller@xxxxxxx>
Subject: [WEB SECURITY] Re: Universal PDF XSS After Party
Date: Fri, 5 Jan 2007 13:50:54 +0100

Hello,

Guignol responds:
This doesn?t work. It?s all a hoax.

Sean responds:
It works in FF2.0.0.1 but only when the Adobe plugin is used. If the
action is ?Open with default app? or ?save to disk?, the exploit does
not work.  

Ich auch erhebliche Probleme beim Reproduzieren. Ohne eifrige
Unterstützung durch den Web Browser geht da bei mir erst mal gar
nichts.

#Maik

Thursday, January 4, 2007, 2:16:59 PM, you wrote:

pa> Everybody knows about it. Everybody talks about it. We had a nice
pa> party. It is time for estimating the damages. In this article I will
pa> try to show the impact of the Universal PDF XSS vulnerability by
pa> explaining how it can be used in real life situations.

pa> http://www.gnucitizen.org/blog/universal-pdf-xss-after-party/


----------------------------------------------------------------------------
The Web Security Mailing List: 
http://www.webappsec.org/lists/websecurity/

The Web Security Mailing List Archives: 
http://www.webappsec.org/lists/websecurity/archive/
http://www.webappsec.org/rss/websecurity.rss [RSS Feed]

References:
- [WEB SECURITY] Universal PDF XSS After Party
  - From: pdp (architect)

Prev by Date: RE: [WEB SECURITY] Universal XSS with PDF files: highly dangerous
Next by Date: Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous
Previous by thread: Re: [WEB SECURITY] RE: Universal PDF XSS After Party(posible solution)
Next by thread: [WEB SECURITY] Re: [Full-disclosure] Universal XSS with PDF files: highly dangerous
Index(es):
- Date
- Thread

Brought to you by http://www.webappsec.org
Search this site