UXSS in Adobe Acrobat Reader Plugin
At the beginning of new year, I am surprised by the disclosed of multiple vulnerabilities in Adobe Acrobat Reader Plugin.
These vulnerabilities can cause the followings :
- Universal CSRF / session riding (tested on Mozilla Firefox, Internet Explorer, Opera + Acrobat Reader plugin)
- UXSS in #FDF, #XML e #XFDF (tested on Mozilla Firefox + Acrobat Reader plugin)
- Possible Remote Code Execution (tested on Mozilla Firefox + Acrobat Reader plugin)
- Denial of Service (tested on Internet Explorer + Acrobat Reader plugin)
Here are several resources if you want to know more about this thing :
No comments:
Post a Comment