CVE-2007-0044
CVE-2007-0044
Adobe Acrobat Reader Plugin before 8.0.0 for the Firefox, Internet Explorer, and Opera web browsers allows remote attackers to force the browser to make unauthorized requests to other web sites via a URL in the (1) FDF, (2) xml, and (3) xfdf AJAX request parameters, following the # (hash) character, aka "Universal CSRF and session riding."
Productos afectados
n/a · n/aPoCs públicas encontradas — 1
exploitdbwww.exploit-db.com/exploits/29383no verificado⚠ Recursos públicos, para evaluar la exposición de sistemas que controlas o estás autorizado a probar. Prueba solo con autorización.
¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →Referencias
http://events.ccc.de/congress/2006/Fahrplan/attachments/1158-Subverting_Ajax.pdfhttp://lists.suse.com/archive/suse-security-announce/2007-Jan/0012.htmlhttp://secunia.com/advisories/23812http://secunia.com/advisories/23882http://secunia.com/advisories/29065http://security.gentoo.org/glsa/glsa-200701-16.xmlhttp://securityreason.com/securityalert/2090http://securitytracker.com/id?1017469https://exchange.xforce.ibmcloud.com/vulnerabilities/31266https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10042http://www.redhat.com/support/errata/RHSA-2008-0144.htmlhttp://www.securityfocus.com/archive/1/455801/100/0/threaded