Multiple flaws found in Adobe Reader
A feature called Open Parameters in older versions of the Adobe Reader browser plug-in can be abused to carry malicious content, two researchers say.
In a conference paper titled "Subverting Ajax", security researchers Stefano Di Paola and Giorgio Fedon identified multiple cross-site scripting (XSS) vulnerabilities. One flaw in particular, the open parameters vulnerability, is quite easy to execute on vulnerable versions of Adobe Reader, they said.
For example, an attack can be carried out by referencing any Web-based PDF file and supplying potentially malicious JavaScript code as an open parameter in the link to that file, such as: http://www.(domain name).com/file.pdf#whatever_name_you_want=javascript:your_code_here
The researchers said they contacted Adobe Systems in October with their findings and only recently made their work public.
Adobe has since released version 8 of Adobe Reader, which no longer allows appended JavaScript within site URLs. However, many users continue to use older versions of the Adobe Reader plug-in and should update as soon as possible.
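A defensive check for the link shape described above, as an added example that is not part of the original article: it scans the links in an HTML body (a mail message or a web page) for PDF URLs whose open parameters carry a `javascript:` value. The function names, the example.com links and the sample HTML are constructed for illustration.

```python
import html
import re
from urllib.parse import urlsplit, unquote

# Simple href extractor; enough for a scan of mail or page bodies.
HREF_RE = re.compile(r"""href\s*=\s*["']([^"']+)["']""", re.IGNORECASE)

# Constructed sample input: two benign links, two that match the reported pattern.
SAMPLE_HTML = """
<a href="http://www.example.com/manual.pdf#page=5&zoom=100">manual</a>
<a href="http://www.example.com/file.pdf#whatever=javascript:your_code_here">report</a>
<a href="http://www.example.com/FILE.PDF#page=2&x=JaVa%53cript%3Ayour_code_here">invoice</a>
<a href="http://www.example.com/notes.html#x=javascript:your_code_here">notes</a>
"""

def suspicious_open_params(url):
    """Return (name, value) open parameters of a PDF URL whose value is a javascript: URI."""
    parts = urlsplit(url)
    if not parts.path.lower().endswith(".pdf") or not parts.fragment:
        return []
    hits = []
    for pair in parts.fragment.split("&"):
        name, _, value = pair.partition("=")
        # Normalise before matching: decode percent-escapes, drop whitespace and
        # control characters, and ignore case, so obfuscated schemes still match.
        decoded = re.sub(r"[\x00-\x20]", "", unquote(value)).lower()
        if decoded.startswith("javascript:"):
            hits.append((unquote(name), unquote(value)))
    return hits

def scan_html(body):
    """Map each flagged link in an HTML body to its suspicious open parameters."""
    findings = {}
    for raw in HREF_RE.findall(body):
        url = html.unescape(raw)  # links in HTML may encode '&' as '&amp;'
        hits = suspicious_open_params(url)
        if hits:
            findings[url] = hits
    return findings

if __name__ == "__main__":
    for url, hits in scan_html(SAMPLE_HTML).items():
        print(url, hits)
```

The URL fragment is not sent to the web server, so this pattern does not appear in server access logs; the check has to run where the link itself is visible, such as a mail gateway or a content scanner.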
Quick facts:
Name: Adobe Reader Open Parameters XSS
Date first reported: 1/3/07
Vulnerable software: Adobe Reader plug-in versions 6 and 7 for Mozilla Firefox, Opera and Microsoft Internet Explorer.
What it does: Could allow denial of service (crash), remote access and execution of malicious code.
Recommendations: Upgrade to Adobe Reader 8
Exploit code available: Yes
Vendor patch available: Yes
Advisory: Wise Security
Robert Vamosi writes for CNET Reviews.