DescriptionAdobe Acrobat Reader Plugin before 8.0.0 for the Firefox, Internet Explorer, and Opera web browsers allows remote attackers to force the browser to make unauthorized requests to other web sites via a URL in the (1) FDF, (2) xml, and (3) xfdf AJAX request parameters, following the # (hash) character, aka "Universal CSRF and session riding."
Overall state of this security issue: Resolved
This issue is currently rated as having moderate severity.
|National Vulnerability Database|
SUSE Security Advisories:
- SUSE-SA:2007:011, published Mon, 22 Jan 2007 18:00:00 +0000
SUSE Timeline for this CVECVE page created: Fri Jun 28 01:47:20 2013
CVE page last modified: Fri Oct 7 12:45:35 2022