CVE-2007-0044
N/A
N/A
Summary
Adobe Acrobat Reader Plugin before 8.0.0 for the Firefox, Internet Explorer, and Opera web browsers allows remote attackers to force the browser to make unauthorized requests to other web sites via a URL in the (1) FDF, (2) xml, and (3) xfdf AJAX request parameters, following the # (hash) character, aka "Universal CSRF and session riding."
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://www.securityfocus.com/bid/21858
- http://events.ccc.de/congress/2006/Fahrplan/attachments/1158-Subverting_Ajax.pdf
- http://secunia.com/advisories/23882
- http://www.securityfocus.com/archive/1/455801/100/0/threaded
- http://www.vupen.com/english/advisories/2007/0032
- http://securityreason.com/securityalert/2090
- http://lists.suse.com/archive/suse-security-announce/2007-Jan/0012.html
- http://secunia.com/advisories/23812
- http://securitytracker.com/id?1017469
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10042
- https://exchange.xforce.ibmcloud.com/vulnerabilities/31266
- http://secunia.com/advisories/29065
- http://security.gentoo.org/glsa/glsa-200701-16.xml
- http://www.redhat.com/support/errata/RHSA-2008-0144.html
- http://www.wisec.it/vulns.php?page=9
References
- http://www.securityfocus.com/bid/21858
- http://events.ccc.de/congress/2006/Fahrplan/attachments/1158-Subverting_Ajax.pdf
- http://secunia.com/advisories/23882
- http://www.securityfocus.com/archive/1/455801/100/0/threaded
- http://www.vupen.com/english/advisories/2007/0032
- http://securityreason.com/securityalert/2090
- http://lists.suse.com/archive/suse-security-announce/2007-Jan/0012.html
- http://secunia.com/advisories/23812
- http://securitytracker.com/id?1017469
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10042
- https://exchange.xforce.ibmcloud.com/vulnerabilities/31266
- http://secunia.com/advisories/29065
- http://security.gentoo.org/glsa/glsa-200701-16.xml
- http://www.redhat.com/support/errata/RHSA-2008-0144.html
- http://www.wisec.it/vulns.php?page=9
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.