Short Name |
HTTP:STC:ADOBE:PDF-GOTO-XSS |
---|---|
Severity |
Minor |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Adobe Acrobat and Reader Remote-Go-To Tag Cross Domain Reference |
Release Date |
2011/06/28 |
Update Number |
1946 |
Supported Platforms |
idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects attempts to exploit a known vulnerability against Adobe Acrobat and Reader. A successful attack can lead to Javascript code execution in the context of the application.
Adobe Reader and Acrobat are prone to an unspecified cross-domain scripting vulnerability. A remote attacker can exploit this vulnerability to bypass the same-origin policy, execute arbitrary script code and obtain potentially sensitive information, or launch spoofing attacks against other sites. Adobe Reader and Acrobat versions prior to 10.1 are affected.