Tag: Acrobat

XSS/Phising with PDF

There’s currently a lot of chatter on the securityfocus mailing list about the pdf-javascript vulnerability disclosed by Stefano Di Paola and Giorgio Fedon last week at 23C3 in Berlin (original advisory),making new ajaxy worms or XSS possible. Adobe did put out an Acrobat fix, but lots of people don’t often upgrade Acrobat reader. Affected versions…

Read More ≈1min