CVE-2007-0044 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2007-0044 Interim 1 5 2023-12-09T02:16:11Z current 2021-05-30T12:37:37Z 2023-12-09T02:16:11Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2007-0044 Adobe Acrobat Reader Plugin before 8.0.0 for the Firefox, Internet Explorer, and Opera web browsers allows remote attackers to force the browser to make unauthorized requests to other web sites via a URL in the (1) FDF, (2) xml, and (3) xfdf AJAX request parameters, following the # (hash) character, aka "Universal CSRF and session riding." The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/AQ73S2WHF76PZTUSVS6QTLS37WZUNBLH/#AQ73S2WHF76PZTUSVS6QTLS37WZUNBLH E-Mail link for SUSE-SA:2007:011 https://www.suse.com/support/security/rating/ SUSE Security Ratings Adobe Acrobat Reader Plugin before 8.0.0 for the Firefox, Internet Explorer, and Opera web browsers allows remote attackers to force the browser to make unauthorized requests to other web sites via a URL in the (1) FDF, (2) xml, and (3) xfdf AJAX request parameters, following the # (hash) character, aka "Universal CSRF and session riding." CVE-2007-0044 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N