CVE-2009-1600

Name of the Vulnerable Software and Affected Versions: Apple Safari (affected versions not specified)

Description: The issue allows remote attackers to bypass intended Adobe Acrobat JavaScript restrictions on accessing the document object. This can occur when Apple Safari executes DOM calls in response to a javascript: URI in the target attribute of a submit element within a form contained in an inline PDF file. A web site that permits PDF uploads by untrusted users can be exploited, as it has a shared document.domain between the web site and this javascript: URI.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.