Adobe SVG Viewer Active Scripting Bypass

2003-10-08T00:00:00
ID OSVDB:2252
Type osvdb
Reporter OSVDB
Modified 2003-10-08T00:00:00

Description

Vulnerability Description

Adobe SVG Viewer contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when a malicious SVG document contains scripting code occurs. This flaw may lead to a loss of integrity.

Solution Description

Upgrade to version 3.01 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Short Description

Adobe SVG Viewer contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when a malicious SVG document contains scripting code occurs. This flaw may lead to a loss of integrity.

References:

Vendor URL: http://www.adobe.com/svg/overview/whatsnew.html Secunia Advisory ID:9967 Related OSVDB ID: 10277 Related OSVDB ID: 10276 Other Advisory URL: http://www.greymagic.com/security/advisories/gm002-mc/ ISS X-Force ID: 13366 Bugtraq ID: 8786