[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] Universal XSS with PDF files: highly dangerous

To: Juha-Matti Laurio <juha-matti.laurio@xxxxxxxx>, Thierry Zoller <Thierry@xxxxxxxxx>
Subject: Re: [Full-disclosure] Universal XSS with PDF files: highly dangerous
From: Larry Seltzer <Larry@xxxxxxxxxxxxxxxx>
Date: Thu, 4 Jan 2007 08:36:53 -0500

>>"According to public reports, this vulnerability is addressed in Adobe
Acrobat Reader 8.0." 

I've actually tested it. On Reader 8 Acrobat you get a messagebox that
says "This operation is not allowed"

Larry Seltzer
eWEEK.com Security Center Editor
http://security.eweek.com/
http://blog.eweek.com/blogs/larry%5Fseltzer/
Contributing Editor, PC Magazine
larryseltzer@xxxxxxxxxxxxx 

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Follow-Ups:
- Re: [Full-disclosure] [WEB SECURITY]RE: Universal XSS with PDF files: highly dangerous
  - From: RSnake

References:
- Re: [Full-disclosure] Universal XSS with PDF files: highly dangerous
  - From: Juha-Matti Laurio

Prev by Date: [Full-disclosure] [vuln.sg] PowerArchiver PAISO.DLL Buffer Overflow Vulnerability
Next by Date: Re: [Full-disclosure] [WEB SECURITY] Universal XSS with PDF files: highly dangerous
Previous by thread: Re: [Full-disclosure] Universal XSS with PDF files: highly dangerous
Next by thread: Re: [Full-disclosure] [WEB SECURITY]RE: Universal XSS with PDF files: highly dangerous
Index(es):
- Date
- Thread