“A cross-site scripting (XSS) vulnerability in versions 7.0.8 and earlier of Adobe Reader and Acrobat could allow remote attackers to inject arbitrary JavaScript into a browser session. Exploitability depends on the browser and browser version being used.”
Solution:
You can mitigate this problem by upgrading to Adobe Reader 8.
Alternatively, you can implement a workaround in your browser so that it does not use the Acrobat Reader plugin. The following instructions apply to the Firefox browser:
• In the Tools menu, select Options.
• Select Downloads in the Options dialog.
• Click on the View & Edit Actions button.
• In the Download Actions dialog, choose the action for the PDF extension or the Adobe Acrobat Document file type and then click on Change Action.
Like this:
Like Loading...
Related
About princess of antiquity
Abbi Cabanding is a member of the Security Bloggers Network and had been blogging on information security since 2006. She is also a member of the Association for Computing Machinery. She studied Computer Science and Fine Arts at the University of the Philippines - Diliman.
Discussion
No comments yet.