Adobe Reader Plugin Open Parameters Cross-Site Scripting Vulnerability

Bugtraq ID:	21858
Class:	Input Validation Error
CVE:	CVE-2007-0048 CVE-2007-0045 CVE-2007-0044
Remote:	Yes
Local:	No
Published:	Jan 03 2007 12:00AM
Updated:	Mar 19 2015 08:44AM
Credit:	Stefano Di Paola and Giorgio Fedon are credited with the discovery of this vulnerability.
Vulnerable:	Turbolinux Turbolinux FUJI SuSE SUSE Linux Enterprise Desktop 11 SuSE SUSE Linux Enterprise Desktop 10 SP3 SuSE SUSE Linux Enterprise Desktop 10 SP2 SuSE SUSE Linux Enterprise Desktop 10 SuSE openSUSE 10.3 Sun Solaris 10_sparc S.u.S.E. openSUSE 11.1 S.u.S.E. openSUSE 11.0 S.u.S.E. openSUSE 10.2 S.u.S.E. Novell Linux Desktop 9.0 S.u.S.E. Linux 9.3 x86 S.u.S.E. Linux 10.1 x86 S.u.S.E. Linux 10.0 x86 RedHat Enterprise Linux Extras 4 RedHat Enterprise Linux Extras 3 Red Hat Enterprise Linux Supplementary 5 server Red Hat Enterprise Linux Desktop Supplementary 5 client Opera Software Opera Web Browser 9.10 Opera Software Opera Web Browser 9 Mozilla Firefox 2.0 .1 Mozilla Firefox 1.5 beta 2 Mozilla Firefox 1.5 beta 1 Mozilla Firefox 1.5 .8 Mozilla Firefox 1.5 Mozilla Firefox 1.0.4 Mozilla Firefox 2.0 RC3 Mozilla Firefox 2.0 RC2 Mozilla Firefox 2.0 beta 1 Mozilla Firefox 2.0 Mozilla Firefox 1.5.0.9 Mozilla Firefox 1.5.0.7 Mozilla Firefox 1.5.0.6 Mozilla Firefox 1.5.0.5 Mozilla Firefox 1.5.0.4 Mozilla Firefox 1.5.0.3 Mozilla Firefox 1.5.0.2 Mozilla Firefox 1.5.0.1 Microsoft Internet Explorer 6.0 SP1 Microsoft Internet Explorer 6.0 Gentoo Linux Gentoo app-text/acroread 7.0.8 Debian Linux 3.1 sparc Debian Linux 3.1 s/390 Debian Linux 3.1 ppc Debian Linux 3.1 mipsel Debian Linux 3.1 mips Debian Linux 3.1 m68k Debian Linux 3.1 ia-64 Debian Linux 3.1 ia-32 Debian Linux 3.1 hppa Debian Linux 3.1 arm Debian Linux 3.1 amd64 Debian Linux 3.1 alpha Debian Linux 3.1 Avaya Interactive Response 2.0 Adobe Reader 9.1.3 Adobe Reader 9.1.2 Adobe Reader 9.1.1 Adobe Reader 8.1.6 Adobe Reader 8.1.5 Adobe Reader 8.1.4 Adobe Reader 8.1.3 Adobe Reader 8.1.2 Adobe Reader 8.1.1 Adobe Reader 7.1.2 Adobe Reader 7.1.1 Adobe Reader 7.0.8 Adobe Reader 7.0.7 Adobe Reader 7.0.6 Adobe Reader 7.0.5 Adobe Reader 7.0.4 Adobe Reader 7.0.3 Adobe Reader 7.0.2 Adobe Reader 7.0.1 Adobe Reader 7.0 Adobe Reader 6.0.4 Adobe Reader 6.0.3 Adobe Reader 6.0.2 Adobe Reader 6.0.1 Adobe Reader 6.0 Adobe Reader 9.1 Adobe Reader 9 Adobe Reader 8.1.2 Security Updat Adobe Reader 8.1 Adobe Reader 7.1 Adobe Acrobat Standard 9.1.3 Adobe Acrobat Standard 9.1.2 Adobe Acrobat Standard 8.1.6 Adobe Acrobat Standard 8.1.4 Adobe Acrobat Standard 8.1.3 Adobe Acrobat Standard 8.1.2 Adobe Acrobat Standard 8.1.1 Adobe Acrobat Standard 7.1.3 Adobe Acrobat Standard 7.1.1 Adobe Acrobat Standard 7.0.8 Adobe Acrobat Standard 7.0.7 Adobe Acrobat Standard 7.0.6 Adobe Acrobat Standard 7.0.5 Adobe Acrobat Standard 7.0.4 Adobe Acrobat Standard 7.0.3 Adobe Acrobat Standard 7.0.2 Adobe Acrobat Standard 7.0.1 Adobe Acrobat Standard 7.0 Adobe Acrobat Standard 9.1 Adobe Acrobat Standard 9 Adobe Acrobat Standard 8.1 Adobe Acrobat Standard 8.0 Adobe Acrobat Standard 7.1 Adobe Acrobat Professional 9.1.3 Adobe Acrobat Professional 9.1.2 Adobe Acrobat Professional 8.1.6 Adobe Acrobat Professional 8.1.4 Adobe Acrobat Professional 8.1.3 Adobe Acrobat Professional 8.1.2 Adobe Acrobat Professional 8.1.1 Adobe Acrobat Professional 7.1.3 Adobe Acrobat Professional 7.1.1 Adobe Acrobat Professional 7.0.9 Adobe Acrobat Professional 7.0.8 Adobe Acrobat Professional 7.0.7 Adobe Acrobat Professional 7.0.6 Adobe Acrobat Professional 7.0.5 Adobe Acrobat Professional 7.0.4 Adobe Acrobat Professional 7.0.3 Adobe Acrobat Professional 7.0.2 Adobe Acrobat Professional 7.0.1 Adobe Acrobat Professional 7.0 Adobe Acrobat Professional 9.1 Adobe Acrobat Professional 9 Adobe Acrobat Professional 8.1.2 Security Updat Adobe Acrobat Professional 8.1 Adobe Acrobat Professional 8.0 Adobe Acrobat Professional 7.1 Adobe Acrobat Elements 7.0.8 Adobe Acrobat 3D 0
Not Vulnerable:	Gentoo app-text/acroread 7.0.9 Adobe Reader 8.1.7 Adobe Reader 7.1.4 Adobe Reader 7.0.9 Adobe Reader 9.2 Adobe Reader 8.0 Adobe Acrobat Standard 8.1.7 Adobe Acrobat Standard 7.1.4 Adobe Acrobat Standard 9.2 Adobe Acrobat Professional 8.1.7 Adobe Acrobat Professional 7.1.4 Adobe Acrobat Professional 9.2

Adobe Reader Plugin Open Parameters Cross-Site Scripting Vulnerability

Adobe Reader Plugin is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input.

An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user in the context of the visited site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.

This issue affects Adobe Reader versions 6 and 7 for Mozilla Firefox, Opera, and Microsoft Internet Explorer. Other versions for other browsers may also be affected.

Adobe Reader Plugin Open Parameters Cross-Site Scripting Vulnerability

To exploit this issue, an attacker must entice an unsuspecting victim into following a malicious URI.

The following proof-of-concept URIs are available:

• /data/vulnerabilities/exploits/21858.html
• /data/vulnerabilities/exploits/21858-backdoor.html

Adobe Reader Plugin Open Parameters Cross-Site Scripting Vulnerability

Solution:
Vendor updates are available. Please see the references for more information.


S.u.S.E. openSUSE 11.0

• S.u.S.E. acroread-8.1.7-0.1.i586.rpm
  http://download.opensuse.org/update/11.0/rpm/i586/acroread-8.1.7-0.1.i 586.rpm

S.u.S.E. openSUSE 11.1

• S.u.S.E. acroread-8.1.7-0.1.1.i586.rpm
  http://download.opensuse.org/update/11.1/rpm/i586/acroread-8.1.7-0.1.1 .i586.rpm