Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsFULL-DISCLOSURESECURITYVULNS:VULN:6994
HistoryJan 04, 2007 - 12:00 a.m.

Adobe reader plugin PDF files universal crossite scripting

2007-01-0400:00:00
FULL-DISCLOSURE
vulners.com
63

EPSS

0.929

Percentile

99.1%

JSON
  1. By using URIs like http://path/to/pdf/file.pdf#whatever_name_you_want=javascript:your_code_here it's possible to execute code in context of any Web site where at least one PDF is stored.
  2. By using "trigger action" in PDF document it's possible to execute code in context of the web page where document is stored.
    There are also more bugs exploitable thorugh a web page.

Related

nessus 31
checkpoint_advisories 3
openvas 22
suse 2
gentoo 3
kaspersky 1
prion 6
nvd 6
cvelist 6
cve 6
ubuntucve 3
redhat 3
chrome 1
cert 1
securityvulns 1
mozilla 1
seebug 1
debian 1
nessus
nessus
Adobe PDF Plug-In < 8.0 / 7.0.9 / 6.0.6 Multiple Vulnerabilities (APSB07-01)
2007-01-05 00:00:00
openSUSE 10 Security Update : acroread (acroread-2506)
2007-10-17 00:00:00
Adobe Acrobat < 6.0.6 / 7.0.9 Multiple Vulnerabilities
2009-08-28 00:00:00
checkpoint_advisories
checkpoint_advisories
Update Protection against Multiple Adobe Acrobat Vulnerabilities
2007-01-21 00:00:00
Adobe Reader Plugin Malformed URL Cross-Site Scripting (APSB07-01; CVE-2007-0045; CVE-2007-0048)
2010-01-12 00:00:00
Adobe Acrobat Reader Plugin Crafted URL Double Free (CVE-2007-0046)
2010-01-24 00:00:00
openvas
openvas
SLES9: Security update for acroread
2009-10-10 00:00:00
SLES9: Security update for acroread
2009-10-10 00:00:00
SuSE Update for acroread SUSE-SA:2007:011
2009-01-28 00:00:00
suse
suse
remote code execution in acroread
2007-01-22 18:37:17
remote code execution in acroread, acroread_ja
2009-10-26 13:17:31
gentoo
gentoo
Adobe Acrobat Reader: Multiple vulnerabilities
2007-01-22 00:00:00
Adobe Acrobat Reader: Multiple vulnerabilities
2008-03-02 00:00:00
Adobe Reader: Multiple vulnerabilities
2009-10-25 00:00:00
kaspersky
kaspersky
KLA10032 Multiple vulnerabilities in Adobe Acrobat & Reader
2007-01-09 00:00:00
prion
prion
Code injection
2007-03-02 21:18:00
Cross site scripting
2007-01-03 21:28:00
Cross site request forgery (csrf)
2007-01-03 21:28:00
nvd
nvd
CVE-2007-1199
2007-03-02 21:18:00
CVE-2007-0048
2007-01-03 21:28:00
CVE-2007-0044
2007-01-03 21:28:00
cvelist
cvelist
CVE-2007-1199
2007-03-02 19:00:00
CVE-2007-0048
2007-01-03 20:00:00
CVE-2007-0046
2007-01-03 20:00:00
cve
cve
CVE-2007-1199
2007-03-02 21:18:00
CVE-2007-0046
2007-01-03 21:28:00
CVE-2007-0044
2007-01-03 21:28:00
ubuntucve
ubuntucve
CVE-2007-1199
2007-03-02 00:00:00
CVE-2007-0046
2007-01-03 00:00:00
CVE-2007-0045
2007-01-03 00:00:00
redhat
redhat
(RHSA-2007:0017) Critical: Adobe Acrobat Reader security update
2007-01-11 00:00:00
(RHSA-2007:0021) Critical: Adobe Acrobat Reader security update
2007-01-22 00:00:00
(RHSA-2008:0144) Critical: acroread security update
2008-02-22 00:00:00
chrome
chrome
Stable, Beta update: Yahoo! Mail and Security Fixes
2009-01-28 00:00:00
cert
cert
Adobe Acrobat Plug-In cross domain violation
2007-01-03 00:00:00
securityvulns
securityvulns
Mozilla Foundation Security Advisory 2007-02
2007-02-27 00:00:00
mozilla
mozilla
Improvements to help protect against Cross-Site Scripting attacks — Mozilla
2007-02-23 00:00:00
seebug
seebug
Adobe Reader: Multiple vulnerabilities
2009-10-27 00:00:00
debian
debian
[SECURITY] [DSA 1336-1] New mozilla-firefox packages fix several vulnerabilities
2007-07-22 17:43:28

EPSS

0.929

Percentile

99.1%

JSON
Related for SECURITYVULNS:VULN:6994
nessus31checkpoint_advisories3openvas22suse2gentoo3kaspersky1prion6nvd6cvelist6cve6ubuntucve3redhat3chrome1cert1securityvulns1mozilla1seebug1debian1