Quasimondo - Mario Klingemann's Flash Blog: Security Issue with Acrobat Reader 6


	« How to run a beta test .. or not \| Home \| How to do Isometric Pixel Art » October 12, 2004 Security Issue with Acrobat Reader 6 Jelmer Kuperus has found a way to access a user's local harddrive via Acrobat Reader's ability to embed swf files. This opens the possibility to steal local files or cookies. As it is necessary to know the exact filenames he rates the risk only medium. More details and a demonstration can be found here. Posted at October 12, 2004 10:09 PM \| Further reading Comments Hmm... I don't get the error, even though I saved the txt. Posted by: Jeff on October 12, 2004 11:57 PM Post a comment Name: Email Address: URL: Comments: Remember info?
Site Search Google quasimondo.com incubator.quasimondo.com lectures.quasimondo.com My Twitter Updates follow me on Twitter Best Of Quasimondo StackBlur for Canvas/Javascript The Stake Picturedisko Islands Of Consciousness Flickeur Clockr Tagnautica Kaleidoscope Realtime Video Color Keying Flash 8 ColorMatrix Class Flash 8 BitmapExporter Marching Ants Path Marching Ants Rectangle Full Justified Text Component swfImageProxy xml2swf Amazon Explorer [FF Trailer] AS Shape Decoder Voronoi Diagram Worldmap Locator Page Turn Interface Google Search Widget WACK LOCOMA The Candle The Candle II The Flash Connection The Flash Connection II The J.H. Lynch Mystery The Crying Boy Categories Home Concentration Hydration Incubation Information Inspiration Manipulation Observation Occupation Publication Relevation Transformation Vibration Visualization Highly Recommended Ralph Hauwert Grant Skinner André Michelle Joa Ebert Jer Thorp Eugene Zatepyakin Nicolas Barradeau Links of Interest		Thank you! Most Visited Entries Security Issue with Acrobat Reader 6 Page Flip: The Final Word My Flashforum Tour 2005 Lecture Notes Saving JPEGs or PNGs with Flash 8 Revisited Flashforum Tour 2005: Full House Optimizing Flash Based Face Detection Flash BitmapExporter: Compress and Save Images Shared Library Secrets Page Flip: The Final Word Full Justified Text Component for Flash Sketches, Works & Source Code The Incubator Quasimondo Libs Flickr Gallery Lectures Upcoming Conferences: ~~FITC Amsterdam 2009~~ ~~Flexcamp Amsterdam 2009~~ ~~FITC Toronto 2009~~ ~~FFK 2009, Cologne~~ ~~flashconference/fmx 2009, Stuttgart~~ ~~FlashBrighton UG Meeting, Brighton~~ ~~Flash on Tap 2009, Boston~~ ~~Flashbelt 2009, Minneapolis~~ ~~Flash At The Lake 2009, Zürich~~ ~~Flash On The Beach 2009, Brighton~~ ~~FITC Edmonton 2009~~ ~~FITC Tokyo 2009~~ ~~FITC Amsterdam 2010~~ ~~Flashcamp Tokyo 2010~~ ~~Flashcamp Seoul 2010~~ ~~FFK 10, Cologne~~ ~~FITC Toronto 2010~~ ~~Flashbelt Minneapolis 2010~~ ~~FITC San Francisco 2010~~ ~~Flash on the Beach 2010~~ ~~Decoded 2010, Munich~~ 2011 - conference sabbatical ~~gotoAndSki('switzerland'); 2012~~ ~~FITC Amsterdam 2012~~ ~~Springsessions Graz 2012~~ ~~Reasons to be Creative 2012~~ My Past Lectures Contact Contact me Backlog December 2012 January 2011 May 2010 January 2010 December 2009 October 2009 September 2009 July 2009 May 2009 March 2009 February 2009 December 2008 October 2008 September 2008 August 2008 July 2008 June 2008 May 2008 April 2008 February 2008 November 2007 October 2007 September 2007 August 2007 June 2007 May 2007 April 2007 March 2007 February 2007 December 2006 November 2006 September 2006 August 2006 July 2006 May 2006 April 2006 March 2006 February 2006 January 2006 December 2005 November 2005 October 2005 September 2005 August 2005 July 2005 June 2005 May 2005 April 2005 March 2005 February 2005 January 2005 December 2004 November 2004 October 2004 September 2004 August 2004 July 2004 June 2004 May 2004 April 2004 March 2004 February 2004 January 2004 December 2003 November 2003 October 2003 September 2003 August 2003 July 2003 June 2003 May 2003 April 2003 March 2003 February 2003 January 2003 December 2002 November 2002 October 2002 September 2002 August 2002 July 2002 June 2002 In Love with Jasmine T. Powered by Movable Type 2.661 © Copyright Mario Klingemann Syndicate this site: RSS 1.0 - RSS 2.0 Quasimondo @ flickr Quasimondo @ LinkedIn Quasimondo @ Twitter Quasimondo @ Facebook Quasimondo @ MySpace Quasimondo is a Bright Citizen of the TRansnational Republic My other blog in german Impressum My family name is written Klingemann, not Klingelmann, Klingeman, Klingaman, Kingemann, Kindermann, Killingaman, Klingman, Klingmann, Klingonman Klingemman, Cleangerman, Klingerman or Kleangerman