Signature Detail

HTTP: Adobe Acrobat and Reader Remote-Go-To Tag Cross Domain Reference

This signature detects attempts to exploit a known vulnerability against Adobe Acrobat and Reader. A successful attack can lead to Javascript code execution in the context of the application.

Extended Description

Adobe Reader and Acrobat are prone to an unspecified cross-domain scripting vulnerability. A remote attacker can exploit this vulnerability to bypass the same-origin policy, execute arbitrary script code and obtain potentially sensitive information, or launch spoofing attacks against other sites. Adobe Reader and Acrobat versions prior to 10.1 are affected.

Affected Products

• Adobe Reader 10.0
• Adobe Reader 10.0.1
• Adobe Reader 10.0.2
• Adobe Reader 10.0.3
• Adobe Reader 8
• Adobe Reader 8.0
• Adobe Reader 8.1
• Adobe Reader 8.1.1
• Adobe Reader 8.1.2
• Adobe Reader 8.1.2 Security Update 1
• Adobe Reader 8.1.3
• Adobe Reader 8.1.4
• Adobe Reader 8.1.5
• Adobe Reader 8.1.6
• Adobe Reader 8.1.7
• Adobe Reader 8.2
• Adobe Reader 8.2.1
• Adobe Reader 8.2.2
• Adobe Reader 8.2.3
• Adobe Reader 8.2.4
• Adobe Reader 8.2.5
• Adobe Reader 8.2.6
• Adobe Reader 9
• Adobe Reader 9
• Adobe Reader 9.1
• Adobe Reader 9.1.1
• Adobe Reader 9.1.2
• Adobe Reader 9.1.3
• Adobe Reader 9.2
• Adobe Reader 9.3
• Adobe Reader 9.3.1
• Adobe Reader 9.3.2
• Adobe Reader 9.3.3
• Adobe Reader 9.3.4
• Adobe Reader 9.3.4
• Adobe Reader 9.4
• Adobe Reader 9.4.1
• Adobe Reader 9.4.2
• Adobe Reader 9.4.3
• Adobe Reader 9.4.4

References

• BugTraq: 48255
• CVE: CVE-2011-2101