[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[WEB SECURITY] Re: [Full-disclosure] [WEB SECURITY] Universal XSS with PDF files: highly dangerous

From: M.B.Jr. <marcio.barbado@xxxxxxxxx>
Subject: [WEB SECURITY] Re: [Full-disclosure] [WEB SECURITY] Universal XSS with PDF files: highly dangerous
Date: Mon, 8 Jan 2007 11:28:03 -0200

On 1/3/07, Jim Manico <jim@xxxxxxxxxx> wrote:

I'm most worried about the CSRF vector.


how come?

this is client-side stuff.

--
Marcio Barbado, Jr.
==============
==============

---------------------------------------------------------------------------- The Web Security Mailing List: http://www.webappsec.org/lists/websecurity/

The Web Security Mailing List Archives: http://www.webappsec.org/lists/websecurity/archive/ http://www.webappsec.org/rss/websecurity.rss [RSS Feed]

Follow-Ups:
- [WEB SECURITY] Re: [Full-disclosure] [WEB SECURITY] Universal XSS with PDF files: highly dangerous
  - From: Jim Manico

References:
- [WEB SECURITY] Universal XSS with PDF files: highly dangerous
  - From: pdp (architect)
- Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous
  - From: Jean-Jacques Halans
- Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous
  - From: Jim Manico

Prev by Date: Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous
Next by Date: Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous
Previous by thread: Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous
Next by thread: [WEB SECURITY] Re: [Full-disclosure] [WEB SECURITY] Universal XSS with PDF files: highly dangerous
Index(es):
- Date
- Thread

Brought to you by http://www.webappsec.org
Search this site