|
Description: | | Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Windows and Mac OS X do not properly restrict script, which allows attackers to execute arbitrary code via a crafted document, related to a "cross document script execution vulnerability." |
|
Impact: | | A remote attacker can exploit this vulnerability to bypass the same-origin policy, execute arbitrary script code and obtain potentially sensitive information, or launch spoofing attacks against other sites. |
|
Affected OS: | | Windows, Linux, FreeBSD, Solaris, Other Unix, Network Device, Mac OS, iOS, Android, Others |
|
Reference: | | AdobeSecurityBulletins:apsb11-16 SecurityTrackerID:1025658 SecurityFocusBID:48255 http://www.us-cert.gov/cas/techalerts/TA11-166A.html
|
|