Alerts
Adobe Acrobat XSS Vulnerability
Date: 01.04.2007
Threat Type: Malicious Website / Malicious Code
Websense® Security Labs™ has confirmed the existence of a Cross Site Scripting (XSS) vulnerability affecting multiple versions of Adobe® Acrobat Reader®. This vulnerability allows an attacker to execute JavaScript in the context of the site hosting the PDF. Any web server that hosts a PDF file is vulnerable to this XSS attack. To exploit this vulnerability, the attacker appends the desired JavaScript to the href of any PDF, whether a direct link or an iframe source.
Example: http://[Path To PDF]/example.pdf#x=javascript:Malicious JavaScript
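Because the browser hands the fragment to the Acrobat plug-in without ever sending it to the web server, the hosting site's access logs will never show the injected script; the only place to catch the pattern above is in the link-bearing content that reaches users (web pages, e-mail, chat). The following is an added example, not code from the original alert, of a heuristic check that flags PDF links whose fragment embeds a javascript: URI. The URLs, function names and sample list are constructed for illustration.

```python
from urllib.parse import urlsplit, unquote

# Constructed sample links (not from the original alert) exercising the pattern the
# alert describes: a .pdf URL whose fragment carries a javascript: URI.
SAMPLE_LINKS = [
    "http://example.com/docs/report.pdf",
    "http://example.com/docs/report.pdf#page=3",
    "http://example.com/docs/report.pdf#x=javascript:void(0)",
    "http://example.com/docs/report.PDF#x=JAVASCRIPT%3Avoid(0)",
    "http://example.com/index.html#x=javascript:void(0)",
]


def is_suspicious_pdf_link(url: str) -> bool:
    """Return True if url points at a PDF and its fragment embeds a javascript: URI.

    Heuristic for the pattern in the alert. The fragment is never transmitted to the
    server, so this check has to run on content (HTML, mail, chat) before it reaches
    a user's browser, not on web-server logs.
    """
    parts = urlsplit(url)
    if not parts.path.lower().endswith(".pdf"):
        return False
    # Decode percent-encoding and fold case so %3A or mixed case does not evade the check.
    fragment = unquote(parts.fragment).lower()
    # Drop whitespace, which some URI parsers tolerate inside a scheme name.
    compact = "".join(ch for ch in fragment if not ch.isspace())
    return "javascript:" in compact


def flag_links(links):
    """Return the subset of links that match the heuristic."""
    return [u for u in links if is_suspicious_pdf_link(u)]


if __name__ == "__main__":
    for link in SAMPLE_LINKS:
        print(("FLAG " if is_suspicious_pdf_link(link) else "ok   ") + link)
```

Run over the constructed list, the two PDF links carrying a javascript: fragment are flagged and the plain PDF link, the page-number fragment and the non-PDF link are not. The check is deliberately narrow (PDF path plus javascript: scheme in the fragment); a gateway filter would normally pair it with the vendor's fix, since any fragment syntax the plug-in evaluates as a URI could be abused the same way.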
An attacker could utilize this vulnerability for a wide variety of malicious actions, such as creating deceptive phishing attacks or propagating across social networking sites.
Additionally, because PDF files at known paths exist on the local computer, this vulnerability can be used to execute JavaScript in the context of the local user, granting access to the local file system. In the following screenshot example, JavaScript is used to read and display the hosts file.
Local file being accessed:

Adobe has corrected this vulnerability in Acrobat Reader 8.0. The vulnerability does not appear to affect Internet Explorer running on Windows XP Service Pack 2 with Acrobat Reader 5.0 or higher; all versions of Firefox appear vulnerable unless Acrobat Reader 8.0 or higher is installed.
- http://www.securityfocus.com/archive/1/455790/30/30/threaded
- http://www.gnucitizen.org/blog/danger-danger-danger
- http://events.ccc.de/congress/2006/Fahrplan/events/1602.en.html