Home News Forum Articles
  Welcome back Join CF
You are here You are here: Home | Forum | adobe acrobat XML vulnerability.


You are currently viewing our boards as a guest which gives you limited access to view most of the discussions, articles and other free features. By joining our Virgin Media community you will have full access to all discussions, be able to view and post threads, communicate privately with other members (PM), respond to polls, upload your own images/photos, and access many other special features. Registration is fast, simple and absolutely free so please join our community today.


Welcome to Cable Forum
Go Back   Cable Forum > Computers & IT > Security & Virus Discussion
Reload this Page adobe acrobat XML vulnerability.
Register FAQ Members List Calendar Mark Forums Read

adobe acrobat XML vulnerability.
Reply
 
Thread Tools
Old 24-06-2005, 03:05   #1
cf.mega poster
 
kronas's Avatar
 
Join Date: Jun 2003
Location: heckmondwike
Age: 22
Posts: 10,768
kronas is cast in bronzekronas is cast in bronzekronas is cast in bronzekronas is cast in bronze
kronas is cast in bronzekronas is cast in bronzekronas is cast in bronzekronas is cast in bronze
adobe acrobat XML vulnerability.
Quote:
A vulnerability within Adobe Reader and Adobe Acrobat has been identified. Under certain circumstances, using XML scripts it is possible to discover the existence of local files.

Adobe has solutions available that can rectify these issues. Please refer to the Recommendations section for further information.


Effect: If exploited it may be possible to discover the existence of local files on an end-user system.

Details: The vulnerability is within the Adobe Reader control. If an XML script is embedded in JavaScript, it is possible to discover the existence of local files. An attacker could then use the information gathered for malicious purposes.


However the impact is minimized due to the fact that the existence of local files can only be discovered if the complete filenames and paths are known in advance by the attacker.
source: adobe.com

http://www.adobe.com/support/techdocs/331710.html

for the security updates go to:

http://www.adobe.com/support/downloads/

this is for adobe software Adobe Reader 7.0 and 7.0.1, Adobe Acrobat 7.0 and 7.0.1

please make sure you have version 7.0.1 of the pdf software if you dont then install the first update which will take the version to 7.1 then the second and also very important update to take it to version 7.0.2
kronas is offline   Reply With Quote
Reply

« Previous Thread | Next Thread »

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


All times are GMT +1. The time now is 08:40.


Links
Google
 
Web www.cableforum.co.uk

Contact Us - Service Status - Virgin.Net Status - Cable Forum - Archive - Privacy Statement - Top

Powered by vBulletin® Version 3.7.3
Copyright ©2000 - 2008, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO 3.1.0
Copyright © 2003 - 2008, Cable Forum.
(s204569790.onlinehome.info)
Copyright © 2008 Cable Forum | Hosted By 1&1 | Privacy Policy | Terms of Use Message Boards and Forums Directory