Accessibility
Adobe
Sign in Privacy My Adobe

Security advisory

Cross-site scripting vulnerability in versions 7.0.8 and earlier of Adobe Reader and Acrobat

Release date: January 4, 2007

Vulnerability identifier: APSA07-01

CVE number: CVE-2007-0045

Platform: Windows and Linux

Summary

Adobe has provided an update to resolve a vulnerability in Adobe Reader and Acrobat. For more information, please refer to the APSB07-01 Security Bulletin. This cross-site scripting (XSS) vulnerability in versions 7.0.8 and earlier of Adobe Reader and Acrobat could allow remote attackers to inject arbitrary JavaScript into a browser session.

Revisions

January 9, 2007 – Advisory updated
January 4, 2007 – Advisory first created