Summary
The host has the Mozilla Firefox browser installed and is prone to a PDF JavaScript restriction bypass vulnerability.
Impact
Successful exploitation lets an attacker execute arbitrary code in the context of the malicious PDF file and in the context of the remote system.
Impact Level: Application
Solution
Upgrade to Mozilla Firefox version 3.6.3 or later.
For updates, refer to http://www.mozilla.com/en-US/index.html
Insight
The flaw is an error in executing DOM calls in response to a javascript: URI in the target attribute of a submit element within a form contained in an inline PDF file, which allows Adobe's JavaScript restrictions to be bypassed.
Affected
Firefox version 3.0.10 and prior on Linux.
References
Severity
Classification
CVE: CVE-2009-1597
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C