4 matches found
CVE-2007-0045
CVE-2007-0045 describes a set of cross-site scripting (XSS) vulnerabilities in the Adobe Acrobat Reader Plugin used with browsers on Windows, allowing remote injection of arbitrary JavaScript via a .pdf URL containing a javascript:, res:, or related AJAX parameters (FDF/XML/XFDF) or an anchor nam...
CVE-2007-0044
CVE-2007-0044 affects Adobe Acrobat Reader Plugin for Firefox/IE/Opera, with the vulnerability allowing remote attackers to induce the browser to make unauthorized requests to other sites via AJAX requests (parameters in FDF/xml/xfdf) after the hash, i.e., a cross-site request forgery (CSRF) in t...
CVE-2007-0048
CVE-2007-0048 affects Adobe Acrobat Reader/Plugin when used with Internet Explorer, Chrome, or Opera. A crafted PDF URL containing a long sequence of # characters exploits a cross-site scripting issue to trigger memory exhaustion, causing a denial of service. Affected are the Acrobat/Reader plugi...
CVE-2008-2641
CVE-2008-2641 is an Adobe Reader/Acrobat vulnerability affecting multiple versions (PDF viewer on Windows and Linux) where an input validation flaw in a JavaScript method can cause a remote crash or allow arbitrary code execution. Connected advisories confirm the root cause is an input validation...