Full Disclosure mailing list archives

Re: -10Day CERT Advisory on PDF Files

From: psz () maths usyd edu au (Paul Szabo)
Date: Mon, 16 Jun 2003 10:54:33 +1000 (EST)

To protect yourself against this bug, you may want to clobber acroread's
ability to launch your browser. (May still get correct behaviour if your
browser is already running.) Would launch with a system() call, using
"DISPLAY=xxx BROWSER URL". Find the file wwwlink.api for your installation
(I had it in /usr/local/lib/Acrobat4.05/Reader/alphaosf/plug_ins and
/usr/sms/share/Acrobat/505/Reader/intellinux/plug_ins for Tru64 and Linux),
then use:

# perl -i.ORIG -pe 's/DISPLAY=%s %s %s /echo No go; exit\n/' wwwlink.api

(Note that the replacement string must be the exact same length.)

Cheers,

Paul Szabo - psz () maths usyd edu au  http://www.maths.usyd.edu.au:8000/u/psz/
School of Mathematics and Statistics  University of Sydney   2006  Australia
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

-10Day CERT Advisory on PDF Files hack4life (Jun 13)
- <Possible follow-ups>
- Re: -10Day CERT Advisory on PDF Files Paul Szabo (Jun 15)