Cross-site scripting (XSS) vulnerability in Adobe Reader before 9.4.2 (Linux)ID: oval:org.secpod.oval:def:365 | Date: (C)2011-03-11 (M)2022-10-10 |
Class: VULNERABILITY | Family: unix |
The host is installed with Adobe Reader and is prone to cross-site scripting (XSS) vulnerability. A flaw is present in Adobe Reader before 9.4.2, which is caused by improper validation of user-supplied input that will lead to execute script in a victim's web browser within the security context of the hosting Web site, once the URL is clicked. Successful exploitation allows remote attacker to inject arbitrary web script or HTML via unspecified vectors.