- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 3084
- Проверка EDB
-
- Пройдено
- Автор
- STEFANO DI PAOLA
- Тип уязвимости
- REMOTE
- Платформа
- WINDOWS
- CVE
- cve-2007-0046
- Дата публикации
- 2007-01-05
Код:
# Stefano Di Paola
# http://www.wisec.it/
From Secunia:
Input passed to a hosted PDF file is not properly sanitised by the browser plug-in
before being returned to users. This can be exploited to execute arbitrary script code in
a user's browser session in context of an affected site.
Example:
- http://[host]/[filename].pdf#[some text]=javascript:[code]
# milw0rm.com [2007-01-05]- Источник
- www.exploit-db.com
