This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Universal PDF XSS
From OWASP
Universal PDF XSS vulnerability is a problem with the Acrobat Reader plug-in that was discovered in late 2006 and which allows any PDF document (hence the word "Universal") to be used to execute arbitrary JavaScript code in the context of the web site hosting the PDF document.
More information can be found in Media:Protecting_Web_Applications_from_Universal_PDF_XSS.ppt.