Some had a good night's sleep last night. Generally it will be those who heeded our suggestions given in September last year with Backdooring PDF Files, while others most likely didn't get any sleep at all.

I woke up this morning and started getting ready for work. As usual, I turned on my laptop and cruised over to Michael Daws SecNews and then to my RSS feeds. There is a lot of talk regarding the new Adobe Universal XSS and it's just got worse!

RSnake was playing (he says for 5 minutes, I bet it was longer), and verified that this XSS attack can be extended to the local browser context. This makes this attack even worse! Not only is this attack universal but it can now exploit localhost too! Nice find RSnake.

If you're interested in some of the attacks with local browser context issues, check out our RSS Injection in Sage exploits.

This has got to be one of the worst and most widespread XSS attacks that I can ever remember. If you're running Adobe <= 7 you're most likely in trouble. Check my previous post for fix suggestions.

Proof of Concept

file:///C:/Program%20Files/Adobe/Acrobat%207.0/Resource/
   ENUtxt.pdf#blah=javascript:alert("XSS");
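
A defensive check for the URL shape shown in the proof of concept above, added here as an example and not code from the original post: it flags links to a PDF whose fragment carries a name=value pair with a javascript: value. The function names and the example.test sample links are assumptions made for illustration.

```javascript
// Added example: flag links shaped like the proof of concept, i.e. a PDF URL
// whose fragment holds name=value with a javascript: value.
// All names and sample links below are constructed for illustration.

// Percent-decode repeatedly (bounded) so double-encoded values are caught.
function decodeFully(s) {
  for (let i = 0; i < 3; i++) {
    let next;
    try { next = decodeURIComponent(s); } catch (e) { return s; }
    if (next === s) break;
    s = next;
  }
  return s;
}

// Conservative scheme test: drop whitespace and control characters, which
// can be used to hide the scheme, then compare case-insensitively.
function hasScriptScheme(value) {
  return value.replace(/[\u0000-\u0020]/g, "").toLowerCase()
    .startsWith("javascript:");
}

function isSuspiciousPdfLink(link) {
  const hashAt = link.indexOf("#");
  if (hashAt === -1) return false;
  // Heuristic: only the path extension is checked, not the served type.
  const path = decodeFully(link.slice(0, hashAt).split("?")[0]).toLowerCase();
  if (!path.endsWith(".pdf")) return false;
  // Fragment parameters are written name=value and separated by "&".
  return decodeFully(link.slice(hashAt + 1)).split("&").some((pair) => {
    const eq = pair.indexOf("=");
    return eq !== -1 && hasScriptScheme(pair.slice(eq + 1));
  });
}

// Return only the links that should be blocked or rewritten.
function auditLinks(links) {
  return links.filter(isSuspiciousPdfLink);
}

// Constructed sample input: one benign link, two obfuscated variants.
const SAMPLE_LINKS = [
  "http://example.test/doc.pdf#page=3",
  "http://example.test/doc.pdf#x=%6Aava%09script:void(0)",
  "http://example.test/DOC.PDF?dl=1#a=1&b=JavaScript:void(0)",
];
console.log(auditLinks(SAMPLE_LINKS));
```

The URL fragment is not sent to the web server, so this check belongs where the full link is visible, such as a mail or content filter that sanitises user-submitted links.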