CVE-2009-1597

Name of the Vulnerable Software and Affected Versions: Mozilla Firefox (affected versions not specified)

Description: The issue allows remote attackers to bypass intended Adobe Acrobat JavaScript restrictions on accessing the document object. This can occur when Mozilla Firefox executes DOM calls in response to a javascript: URI in the target attribute of a submit element within a form contained in an inline PDF file. A web site that permits PDF uploads by untrusted users can be exploited, as it shares a document.domain between the web site and the javascript: URI.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.