[WEB SECURITY] Re: Universal PDF XSS After Party
Maik Mueller
maik.mueller at sap.com
Fri Jan 5 07:50:54 EST 2007
Hello,
Guignol responds:
This doesn’t work. It’s all a hoax.
Sean responds:
It works in FF2.0.0.1 but only when the Adobe plugin is used. If the
action is “Open with default app” or “save to disk”, the exploit does
not work.
Ich auch erhebliche Probleme beim Reproduzieren. Ohne eifrige
Unterstützung durch den Web Browser geht da bei mir erst mal gar
nichts.
#Maik
Thursday, January 4, 2007, 2:16:59 PM, you wrote:
pa> Everybody knows about it. Everybody talks about it. We had a nice
pa> party. It is time for estimating the damages. In this article I will
pa> try to show the impact of the Universal PDF XSS vulnerability by
pa> explaining how it can be used in real life situations.
pa> http://www.gnucitizen.org/blog/universal-pdf-xss-after-party/
----------------------------------------------------------------------------
The Web Security Mailing List:
http://www.webappsec.org/lists/websecurity/
The Web Security Mailing List Archives:
http://www.webappsec.org/lists/websecurity/archive/
http://www.webappsec.org/rss/websecurity.rss [RSS Feed]
More information about the websecurity
mailing list