Full Disclosure mailing list archives
Re: odd Adobe Acrobat thing...
From: "Dave Korn" <davek_throwaway () hotmail com>
Date: Mon, 4 Jul 2005 14:45:30 +0100
----Original Message----
From: Morning Wood
Message-Id: BAY10-DAV15FB4ABD3CF6D1FADB80DED9E70 () phx gbl

> I noticed... simply rolling over a *.pdf on your desktop launches...
> C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32Info.exe

Probably only if you have that godawful webview of folders switched on and it's trying to render a little thumbnail to put at the bottom of the html column on the left-hand-side, no? I'm still on Acrobat 6.0 and it doesn't do that, at least the way I have it configured. Adobe have probably implemented whatever COM interface it is that renders a thumbnail for explorer in their shell extension between v6 and v7.

> I'm guessing Explorer is doing some odd things ( preloading on a rollover ) ... reminds me of the jpg GDI exploit.
> I imagine if AcroRd32Info.exe is exploitable you could craft a bad .pdf with data to overflow that exe. ( a simple rollover would start the sploit )

Yep, it's the exact same problem. 'doze is basically launching a viewer application (ok, COM server) whenever you mouse over various types. This is as bad an idea as the option to make-things-seem-more-like-the-web automatically launch files when you click on them once instead of twice, or one-touch record on tape decks, or fire alarms with the glass pre-smashed, or any other vital fool-proof safety measure that someone removed because it was 'inconvenient' :-(

cheers,
DaveK
--
Can't think of a witty .sigline today....

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/