Wednesday, January 03, 2007

Multiple flaws found in Adobe Reader

CNET "A feature called Open Parameters within older versions of the Adobe Reader browser plug-in can be corrupted with malicious content, two researchers say.
In a conference paper titled 'Subverting Ajax', security researchers Stafano Di Paola and Giorgio Fedon identified multiple cross-site scripting (XSS) vulnerabilities. One flaw in particular, the open parameters vulnerability, is quite easy to execute on vulnerable versions of Adobe Reader, they said. "

No comments: