By Romain Wednesday, January 3 2007 - 09:54 UTC - Vulnerabilities - Permalink
I've just read it on Stefan Esser's blog: Stefano Di Palmo has disclose an XSS hole in the Acrobat PDF Documents.
Just to have a look at this you can go here: PDF and XSS under Google!
This vulnerability is really important, be careful when you're opening a PDF file...
All of these vulnerabilities in rich documents (FLASH, MHTML, SVG, Quick Time Movie, PDF, etc.) look like there is a big lack of security when people are designing this. Of course these are amazing documents and very useful, but with the so called Web 2.0 (and maybe the next web 3.0 with video broadcasting and much more) there is more and more holes.
What can we do? Think twice before creating web services with media documents?
This is not productive enough and maybe a little security lack is not really bad.Do we care if a couple of guys can steal some passwords...
I guess lots of people are thinking like that, this is understandable but truly not the right way.
Comments