Adobe Reader Plugin Open Parameters Cross-Site Scripting Vulnerability

Threat level definition

Adobe Reader Plugin Open Parameters Cross-Site Scripting Vulnerability

References:

Adobe Reader 8 Homepage (Adobe)
Adobe Security Advisory APSA07-02 (Adobe)
Adobe Security Advisory APSB07-01 (Adobe)
APSA07-01 - Cross-site scripting vulnerability in versions 7.0.8 and earlier of (Adobe)
Hacking with Browser Plugins (Disenchant)
PDF Open Parameters (Adobe)
Subverting AJAX (Stefano Di Paola and Giorgio Fedon)
Sun Alert ID: 102847 (Sun)
VU#815960 - Adobe Acrobat Plug-In cross domain violation (US-CERT)
Adobe Acrobat Reader Plugin - Multiple Vulnerabilities (Stefano Di Paola)
Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous (Dave Ferguson)
Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous (pdp (architect))
Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous (pdp (architect))
Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous (pdp (architect))
Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous (Amit Klein)
Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous (RSnake)
Re: Universal XSS with PDF files: highly dangerous (ascii )
Universal XSS with PDF files: highly dangerous (pdp (architect))
Adobe Acrobat Reader security update RHSA-2007:0017-2 (RedHat)
APSB09-15 Security Updates Available for Adobe Reader and Acrobat (Adobe)
ASA-2007-134 - Multiple Security Vulnerabilities in Adobe Reader May Lead to Exe (Avaya)
Multiple Security Vulnerabilities in Adobe Reader for Solaris 10 May Allow Execu (Sun)
RHSA-2008:0144-5 acroread security update (Red Hat)

Privacy Statement
Copyright 2009, SecurityFocus