New Search

Adobe Acrobat Reader Plugin before 8.0.0 for the Firefox Internet Explorer and Opera web browsers allows remote attackers to force the browser to make unauthorized requests to other web sites via a URL in the (1) FDF (2) xml and (3) xfdf AJAX request parameters following the # (hash) character aka "Universal CSRF and session riding."

oval:org.mitre.oval:def:10042

Adobe Acrobat Reader Plugin before 8.0.0 for the Firefox Internet Explorer and Opera web browsers allows remote attackers to force the browser to make unauthorized requests to other web sites via a URL in the (1) FDF (2) xml and (3) xfdf AJAX request parameters following the # (hash) character aka "Universal CSRF and session riding."

Family:
unix
Status:
ACCEPTED
Platform(s):
  • Red Hat Enterprise Linux Extras 4
  • Red Hat Enterprise Linux Extras 3
  • Red Hat Enterprise Linux Extras 5
Class:
vulnerability
Reference(s):
  • CVE-2007-0044
Product(s):