This site is deprecated. Please
CLICK HERE for latest updates
Short Name |
HTTP:STC:ADOBE:PDF-XML-XSS
|
Severity |
Major
|
Recommended |
No
|
Recommended Action |
Drop
|
Category |
HTTP
|
Keywords |
Adobe Reader/Acrobat XML Cross-Site Scripting
|
Release Date |
2011/02/15
|
Update Number |
1866
|
Supported Platforms |
idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+
|
HTTP: Adobe Reader/Acrobat XML Cross-Site Scripting
This signature detects attempts to exploit a known vulnerability in Adobe Reader and Adobe Acrobat. A cross-site scripting (XSS) vulnerability in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allows remote attackers to inject arbitrary Web script or HTML through unspecified vectors. A successful attack can result in remote code execution.
Extended Description
Adobe Acrobat and Reader are prone to an unspecified cross-site scripting vulnerability.
An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
Adobe Reader and Acrobat versions prior to 9.4.2 and 10.0.1 are affected.
Affected Products
- Adobe acrobat 10.0
- Adobe acrobat 8.1.5
- Adobe acrobat 8.2.2
- Adobe acrobat 8.2.3
- Adobe acrobat 8.2.4
- Adobe acrobat 9.1.1
- Adobe acrobat 9.2
- Adobe acrobat 9.3
- Adobe acrobat 9.3.1
- Adobe acrobat 9.3.2
- Adobe acrobat 9.3.3
- Adobe acrobat 9.3.3
- Adobe acrobat 9.3.4
- Adobe acrobat 9.3.4
- Adobe acrobat 9.4
- Adobe acrobat 9.4.1
- Adobe acrobat_professional 10.0
- Adobe acrobat_professional 6.0
- Adobe acrobat_professional 7.0.0
- Adobe acrobat_professional 7.0.1
- Adobe acrobat_professional 7.0.2
- Adobe acrobat_professional 7.0.3
- Adobe acrobat_professional 7.0.4
- Adobe acrobat_professional 7.0.5
- Adobe acrobat_professional 7.0.6
- Adobe acrobat_professional 7.0.7
- Adobe acrobat_professional 7.0.8
- Adobe acrobat_professional 7.0.9
- Adobe acrobat_professional 7.1
- Adobe acrobat_professional 7.1.1
- Adobe acrobat_professional 7.1.3
- Adobe acrobat_professional 7.1.4
- Adobe acrobat_professional 8.0
- Adobe acrobat_professional 8.1
- Adobe acrobat_professional 8.1.1
- Adobe acrobat_professional 8.1.2
- Adobe acrobat_professional 8.1.3
- Adobe acrobat_professional 8.1.4
- Adobe acrobat_professional 8.1.6
- Adobe acrobat_professional 8.1.7
- Adobe acrobat_professional 8.2
- Adobe acrobat_professional 8.2.1
- Adobe acrobat_professional 8.2.2
- Adobe acrobat_professional 8.2.4
- Adobe acrobat_professional 8.2.5
- Adobe acrobat_professional 9
- Adobe acrobat_professional 9.1
- Adobe acrobat_professional 9.1.2
- Adobe acrobat_professional 9.1.3
- Adobe acrobat_professional 9.2
- Adobe acrobat_professional 9.3
- Adobe acrobat_professional 9.3.1
- Adobe acrobat_professional 9.3.2
- Adobe acrobat_professional 9.3.3
- Adobe acrobat_professional 9.3.4
- Adobe acrobat_professional 9.4
- Adobe acrobat_professional 9.4.1
- Adobe acrobat_professional 9 Extended
- Adobe acrobat_reader_(for_linux) 8.2.4
- Adobe acrobat_reader_(for_linux) 9.3.3
- Adobe acrobat_standard 10.0
- Adobe acrobat_standard 7.0.0
- Adobe acrobat_standard 7.0.1
- Adobe acrobat_standard 7.0.2
- Adobe acrobat_standard 7.0.3
- Adobe acrobat_standard 7.0.4
- Adobe acrobat_standard 7.0.5
- Adobe acrobat_standard 7.0.6
- Adobe acrobat_standard 7.0.7
- Adobe acrobat_standard 7.0.8
- Adobe acrobat_standard 7.1
- Adobe acrobat_standard 7.1.1
- Adobe acrobat_standard 7.1.3
- Adobe acrobat_standard 7.1.4
- Adobe acrobat_standard 8.0
- Adobe acrobat_standard 8.1
- Adobe acrobat_standard 8.1.1
- Adobe acrobat_standard 8.1.2
- Adobe acrobat_standard 8.1.3
- Adobe acrobat_standard 8.1.4
- Adobe acrobat_standard 8.1.6
- Adobe acrobat_standard 8.1.7
- Adobe acrobat_standard 8.2
- Adobe acrobat_standard 8.2.1
- Adobe acrobat_standard 8.2.2
- Adobe acrobat_standard 8.2.4
- Adobe acrobat_standard 8.2.5
- Adobe acrobat_standard 9
- Adobe acrobat_standard 9.1
- Adobe acrobat_standard 9.1.2
- Adobe acrobat_standard 9.1.3
- Adobe acrobat_standard 9.2
- Adobe acrobat_standard 9.3
- Adobe acrobat_standard 9.3.1
- Adobe acrobat_standard 9.3.2
- Adobe acrobat_standard 9.3.3
- Adobe acrobat_standard 9.3.4
- Adobe acrobat_standard 9.3.4
- Adobe acrobat_standard 9.4
- Adobe acrobat_standard 9.4.1
- Adobe reader 10.0
- Adobe reader 8.0
- Adobe reader 8.1
- Adobe reader 8.1.1
- Adobe reader 8.1.2
- Adobe reader 8.1.4
- Adobe reader 8.1.5
- Adobe reader 8.1.6
- Adobe reader 8.1.7
- Adobe reader 8.2
- Adobe reader 8.2.1
- Adobe reader 8.2.2
- Adobe reader 8.2.3
- Adobe reader 9
- Adobe reader 9.1
- Adobe reader 9.1.1
- Adobe reader 9.1.2
- Adobe reader 9.1.3
- Adobe reader 9.2
- Adobe reader 9.3
- Adobe reader 9.3.1
- Adobe reader 9.3.2
- Adobe reader 9.3.3
- Adobe reader 9.3.4
- Adobe reader 9.3.4
- Adobe reader 9.4
- Adobe reader 9.4.1
- Gentoo linux
- Red_hat desktop_extras 4
- Red_hat enterprise_linux_as_extras 4
- Red_hat enterprise_linux_desktop_supplementary 5 Client
- Red_hat enterprise_linux_desktop_supplementary 6
- Red_hat enterprise_linux_es_extras 4
- Red_hat enterprise_linux_extras 4
- Red_hat enterprise_linux_server_supplementary 6
- Red_hat enterprise_linux_supplementary 5 Server
- Red_hat enterprise_linux_workstation_supplementary 6
- Red_hat enterprise_linux_ws_extras 4
- Suse opensuse 11.2
- Suse opensuse 11.3
- Suse suse_linux_enterprise_desktop 10 SP3
- Suse suse_linux_enterprise_desktop 11 SP1
References