MX Lab protects against the XSS vulnerability in Acrobat Reader
8 January 2007

The Cross Site Scripting (XSS) vulnerability in Acrobat Reader is more dangerous than first thought. It allows an attacker to execute JavaScript in the context of the site where the PDF is hosted. Any web server that hosts a PDF file is vulnerable to this XSS attack. To exploit this vulnerability, the attacker appends the desired JavaScript to any PDF href, for example:

http://[Path To PDF]/example.pdf#x=javascript:Malicious JavaScript.

An attacker could use this vulnerability for a variety of malicious actions, such as phishing attacks. Because well-known PDF files are stored on the local computer, this vulnerability can be used to execute JavaScript in the context of the local user, granting access to the local file system.

Adobe has corrected this vulnerability with the release of Acrobat Reader 8.0, so the general recommendation is to upgrade to Acrobat Reader 8.0. However, this vulnerability does not appear to affect Internet Explorer running on Windows XP Service Pack 2 with Acrobat Reader 5.0 or higher. All versions of Firefox appear vulnerable unless Acrobat Reader 8.0 or higher is installed.

To protect our clients from emails that could exploit this vulnerability, our systems look for URLs referencing PDF files that contain URL parameters. When indicators of scripting are found, we will automatically block these messages.
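A sketch of that kind of check, as an added example rather than MX Lab's actual filter: it extracts URLs from a message body, keeps those whose path ends in `.pdf`, and flags any whose query string or fragment contains script indicators after percent-decoding. The indicator list, function names and sample messages are assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit, unquote

# Assumed indicator list for illustration; a production filter would tune it.
SCRIPT_INDICATORS = re.compile(r"(javascript\s*:|vbscript\s*:|<\s*script)", re.I)
URL_RE = re.compile(r"https?://[^\s<>\"']+", re.I)


def _decode(value, rounds=3):
    """Percent-decode repeatedly so double-encoded parameters are still seen."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def suspicious_pdf_urls(message_body):
    """Return URLs that reference a .pdf and carry script indicators
    in their query string or fragment."""
    hits = []
    for url in URL_RE.findall(message_body):
        parts = urlsplit(url)
        # Only URLs that reference a PDF file are of interest here.
        if not _decode(parts.path).lower().endswith(".pdf"):
            continue
        # The parameters may sit in the query string or after the '#'.
        params = _decode(parts.query + "#" + parts.fragment)
        if SCRIPT_INDICATORS.search(params):
            hits.append(url)
    return hits


def should_block(message_body):
    """Block decision for one message: any flagged PDF URL blocks it."""
    return bool(suspicious_pdf_urls(message_body))


# Constructed sample messages (not real traffic).
SAMPLE_BENIGN = ("Report: http://example.test/docs/report.pdf#page=4 "
                 "and http://example.test/a.pdf?download=1")
SAMPLE_FLAGGED = "See http://example.test/docs/report.pdf#x=javascript:alert(1)"
SAMPLE_ENCODED = "See http://example.test/docs/report.pdf#x=%256Aavascript%3Aalert(1)"

if __name__ == "__main__":
    for body in (SAMPLE_BENIGN, SAMPLE_FLAGGED, SAMPLE_ENCODED):
        print(should_block(body), suspicious_pdf_urls(body))
```

Ordinary PDF open parameters such as `#page=4` pass, while the double-encoded sample is still caught because decoding is repeated until the value stops changing.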

More Information:

MX Lab

Contact: +32 53 789906
Mail: contact@mxlab.be
