CVE-2009-4073 Information

Description

The printing functionality in Microsoft Internet Explorer 8 allows remote attackers to discover a local pathname and possibly a local username by reading the dc:title element of a PDF document that was generated from a local web page.

Reference

http://osvdb.org/60504 http://secunia.com/advisories/37362 http://securethoughts.com/2009/11/millions-of-pdf-invisibly-embedded-with-your-internal-disk-paths/ http://www.securityfocus.com/archive/1/508010/100/0/threaded http://www.theregister.co.uk/2009/11/23/internet_explorer_file_disclosure_bug/ https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A12355