Selection:
XSS CSRF Privilege Buffer Remote Stack
CVE ID Name Status References
CVE-2007-0044

Adobe Acrobat Reader Plugin before 8.0.0 for the Firefox, Internet Explorer, and Opera web browsers allows remote attackers to force the browser to make unauthorized requests to other web sites via a URL in the (1) FDF, (2) xml, and (3) xfdf AJAX request parameters, following the # (hash) character, aka "Universal CSRF and session riding."

Assigned (20070103)

BID:21858 | URL:http://www.securityfocus.com/bid/21858 | BUGTRAQ:20070103 Adobe Acrobat Reader Plugin - Multiple Vulnerabilities | URL:http://www.securityfocus.com/archive/1/455801/100/0/threaded | GENTOO:GLSA-200701-16 | URL:http://security.gentoo.org/glsa/glsa-200701-16.xml | MISC:http://events.ccc.de/congress/2006/Fahrplan/attachments/1158-Subverting_Ajax.pdf | MISC:http://www.wisec.it/vulns.php?page=9 | OVAL:oval:org.mitre.oval:def:10042 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10042 | REDHAT:RHSA-2008:0144 | URL:http://www.redhat.com/support/errata/RHSA-2008-0144.html | SECTRACK:1017469 | URL:http://securitytracker.com/id?1017469 | SECUNIA:23812 | URL:http://secunia.com/advisories/23812 | SECUNIA:23882 | URL:http://secunia.com/advisories/23882 | SECUNIA:29065 | URL:http://secunia.com/advisories/29065 | SREASON:2090 | URL:http://securityreason.com/securityalert/2090 | SUSE:SUSE-SA:2007:011 | URL:http://lists.suse.com/archive/suse-security-announce/2007-Jan/0012.html | VUPEN:ADV-2007-0032 | URL:http://www.vupen.com/english/advisories/2007/0032 | XF:adobe-acrobat-pdf-csrf(31266) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/31266


Page created:

CVE year by year statistics.

CVE year statistics by common vulnerability domain.

Latest data from: 2024-12-05