Full Disclosure mailing list archives
Re: -10Day CERT Advisory on PDF Files
From: psz () maths usyd edu au (Paul Szabo)
Date: Mon, 16 Jun 2003 10:54:33 +1000 (EST)
To protect yourself against this bug, you may want to clobber acroread's ability to launch your browser. (May still get correct behaviour if your browser is already running.) Would launch with a system() call, using "DISPLAY=xxx BROWSER URL". Find the file wwwlink.api for your installation (I had it in /usr/local/lib/Acrobat4.05/Reader/alphaosf/plug_ins and /usr/sms/share/Acrobat/505/Reader/intellinux/plug_ins for Tru64 and Linux), then use: # perl -i.ORIG -pe 's/DISPLAY=%s %s %s /echo No go; exit\n/' wwwlink.api (Note that the replacement string must be the exact same length.) Cheers, Paul Szabo - psz () maths usyd edu au http://www.maths.usyd.edu.au:8000/u/psz/ School of Mathematics and Statistics University of Sydney 2006 Australia _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- -10Day CERT Advisory on PDF Files hack4life (Jun 13)
- <Possible follow-ups>
- Re: -10Day CERT Advisory on PDF Files Paul Szabo (Jun 15)