Adobe Acrobat Reader Plugin prior to 8.0.0 for the Firefox, Internet Explorer, and Opera web browsers allows remote malicious users to force the browser to make unauthorized requests to other web sites via a URL in the (1) FDF, (2) xml, and (3) xfdf AJAX request parameters, following the # (hash) character, aka "Universal CSRF and session riding."
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
adobe acrobat 7.0.1 |
||
adobe acrobat 7.0.2 |
||
adobe acrobat 7.0.5 |
||
adobe acrobat 7.0.6 |
||
adobe acrobat 3d |
||
adobe acrobat reader 6.0 |
||
adobe acrobat reader 7.0.1 |
||
adobe acrobat reader 7.0.2 |
||
adobe acrobat |
||
adobe acrobat reader |
||
adobe acrobat 7.0.3 |
||
adobe acrobat 7.0.4 |
||
adobe acrobat 7.0.7 |
||
adobe acrobat 7.0.8 |
||
adobe acrobat reader 6.0.3 |
||
adobe acrobat reader 6.0.4 |
||
adobe acrobat reader 7.0.5 |
||
adobe acrobat reader 7.0.6 |
||
adobe acrobat reader 6.0.1 |
||
adobe acrobat reader 6.0.2 |
||
adobe acrobat reader 7.0.3 |
||
adobe acrobat reader 7.0.4 |
||
adobe acrobat 7.0 |
||
adobe acrobat reader 6.0.5 |
||
adobe acrobat reader 7.0 |
||
adobe acrobat reader 7.0.7 |
||
adobe acrobat reader 7.0.8 |