RE: [Full-disclosure] Universal XSS with PDF files: highly dangerous

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [Full-disclosure] Universal XSS with PDF files: highly dangerous

Subject: RE: [Full-disclosure] Universal XSS with PDF files: highly dangerous
Date: Thu, 4 Jan 2007 08:36:53 -0500
From: Larry Seltzer <suppressed>

>>"According to public reports, this vulnerability is addressed in Adobe
Acrobat Reader 8.0." 

I've actually tested it. On Reader 8 Acrobat you get a messagebox that
says "This operation is not allowed"

Larry Seltzer
eWEEK.com Security Center Editor
http://security.eweek.com/
http://blog.eweek.com/blogs/larry%5Fseltzer/
Contributing Editor, PC Magazine
suppressed

Follow-Ups:
- Re: [WEB SECURITY] RE: [Full-disclosure] Universal XSS with PDF files: highly dangerous
  - From: RSnake

References:
- Re: [Full-disclosure] Universal XSS with PDF files: highly dangerous
  - From: Juha-Matti Laurio

Prev by Date: Universal PDF XSS After Party
Next by Date: Re: Universal XSS with PDF files: highly dangerous
Previous by thread: Re: [Full-disclosure] Universal XSS with PDF files: highly dangerous
Next by thread: Re: [WEB SECURITY] RE: [Full-disclosure] Universal XSS with PDF files: highly dangerous
Index(es):
- Date
- Thread

Mail converted by mhonarc 2.6.15
This archive provided courtesy of JSW4.NET, Internet Hosting Services for Small Business.