Full Disclosure mailing list archives
Re: 0day: PDF pwns Windows
From: "Eduardo Tongson" <propolice () gmail com>
Date: Sun, 23 Sep 2007 10:59:33 +0800
That exploits the JavaScript [1] and open URI [2] feature through the Acrobat WebLink plug-in. Adobe put in JavaScript to PDF 1.3 specifications for Forms interaction. Opening up the calculator should not be a feature [3].

[1] /JS ({app.alert\("evil javascript active!"\);}\r{app.alert\("Oh wait! We aren\'t finished with you yet.."\);}\r)
[2] /URI (www.nthelp.com/evil_browse.htm)
[3] <http://projects.info-pull.com/moab/MOAB-06-01-2007.html>

On 9/23/07, silky <michaelslists () gmail com> wrote:
> On 9/22/07, Geo. <geoincidents () nls net> wrote:
> > pa> http://www.gnucitizen.org/blog/0day-pdf-pwns-windows
> >
> > Is this the way responsible disclosure works these days ? "Adobe's representatives can contact me from the usual place." Wow, now that's coordinated release. Knowing the bugs that you found previously it should take 10 minutes to rediscover this one. Which makes this even worse.
> >
> > I just saw his video showing the exploit firing up calculator, it looks like the same stuff (feature/exploit call it what you want) that's been around for years. See www.nthelp.com/test.pdf (warning, it won't damage anything but it may scare you)
>
> ps, if anyone cares, this exploit does not work on foxit pdf reader v1.3. foxit rocks. so lets not call it a 'pdf' vuln, but a 'adobe acrobat' vuln.
>
> > Geo.
>
> --
> mike
> http://lets.coozi.com.au/
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
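
An added triage example, not part of the original post or of any tool it mentions: a static scan that flags the /JS and /URI action entries quoted in the message and pulls out their literal-string values for review. It goes slightly beyond the message by also flagging /JavaScript, /OpenAction and /Launch and by normalising #xx name escapes; the SAMPLE bytes are constructed from the two entries quoted above, and all function names are illustrative.

```python
import re

# Action-related PDF name keys to flag (JS and URI are the two quoted in the message).
ACTION_KEYS = {"JS", "JavaScript", "URI", "OpenAction", "Launch"}
_NAME = re.compile(rb"/([^\x00\t\n\x0c\r ()<>\[\]{}/%]+)")  # a PDF name token
_HEX = re.compile(rb"#([0-9A-Fa-f]{2})")                     # #xx escape inside a name
_WS = re.compile(rb"[\x00\t\n\x0c\r ]*")                     # PDF whitespace

def decode_name(raw):
    """Normalise #xx escapes so that /J#53 compares equal to /JS."""
    return _HEX.sub(lambda m: bytes([int(m.group(1), 16)]), raw).decode("latin-1")

def read_literal(data, i):
    """Return the raw body of the literal string whose '(' is at data[i].
    Backslash escapes are kept as-is; unescaped parentheses must balance."""
    depth, out = 0, bytearray()
    while i < len(data):
        c = data[i:i + 1]
        if c == b"\\":                       # escaped byte never counts as a paren
            out += data[i:i + 2]
            i += 2
            continue
        if c == b"(":
            depth += 1
        elif c == b")":
            depth -= 1
            if depth == 0:
                return bytes(out)
        if not (c == b"(" and depth == 1):   # drop only the opening paren
            out += c
        i += 1
    return bytes(out)                        # unterminated: return what was read

def find_actions(data):
    """List (key, raw_value) per flagged key; value is None unless a literal follows.
    Heuristic only: compressed streams are not inflated, and a key name that
    appears inside a string is also reported."""
    hits = []
    for m in _NAME.finditer(data):
        key = decode_name(m.group(1))
        if key in ACTION_KEYS:
            j = _WS.match(data, m.end()).end()
            hits.append((key, read_literal(data, j) if data[j:j + 1] == b"(" else None))
    return hits

# Constructed sample: the two entries from the message, plus one escaped-name variant.
SAMPLE = rb'''<< /Type /Action /S /JavaScript /JS ({app.alert\("evil javascript active!"\);}\r) >>
<< /Type /Action /S /URI /URI (www.nthelp.com/evil_browse.htm) >>
<< /S /#4aavaScript /J#53 (app.alert\(1\)) >>'''

if __name__ == "__main__":
    for key, value in find_actions(SAMPLE):
        print(key, value)
```

A hit means the file carries an action entry worth a manual look, not that it is malicious; forms legitimately use /JS and links legitimately use /URI.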