Full Disclosure mailing list archives
Re: 0day: PDF pwns Windows
From: "cocoruder ." <frankruder () hotmail com>
Date: Tue, 25 Sep 2007 08:38:33 +0000
yes I believe the vuls will most from the JS feature, and we (Fortinet Security Research Team) has finished our security review on Adobe Reader/Acrobat, with the vendor's process, we will release advisories some months too, expecting it!
welcome to my blog: http://ruder.cdut.net
From: "Eduardo Tongson" <propolice () gmail com> To: full-disclosure () lists grok org uk Subject: Re: [Full-disclosure] 0day: PDF pwns Windows Date: Sun, 23 Sep 2007 10:59:33 +0800 That exploits the JavaScript [1] and open URI [2] feature through the Acrobat WebLink plug-in. Adobe put in JavaScript to PDF 1.3 specifications for Forms interaction. Opening up the calculator should not be a feature [3]. [1] /JS ({app.alert\("evil javascript active!"\);}\r{app.alert\("Oh wait! We aren\'t finished with you yet.."\);}\r) [2] /URI (www.nthelp.com/evil_browse.htm) [3] <http://projects.info-pull.com/moab/MOAB-06-01-2007.html> On 9/23/07, silky <michaelslists () gmail com> wrote: > On 9/22/07, Geo. <geoincidents () nls net> wrote: > > > pa> http://www.gnucitizen.org/blog/0day-pdf-pwns-windows > > > Is this the way responsible disclosure works these days ? > > > "Adobe?s representatives can contact me from the usual place." > > >> > > Wow, now that's coordinated release. Knowing the bugs that you
found
> > > previously it should take 10 minutes to rediscover this one. Which > > > makes this even worse. > >> > I just saw his video showing the exploit fireing up calculator, it
looks
> > like the same stuff (feature/exploit call it what you want) that's
been
> > around for years. See www.nthelp.com/test.pdf (warning, it won't
damage
> > anything but it may scare you) >> ps, if anyone cares, this exploit does not work on foxit pdf reader
v1.3.
> > foxit rocks. > > so lets not call it a 'pdf' vuln, but a 'adobe acrobat' vuln. > > > > > > Geo. > > > > _______________________________________________ > > Full-Disclosure - We believe in it. > > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > > Hosted and sponsored by Secunia - http://secunia.com/ > > > > > -- > mike > http://lets.coozi.com.au/ > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
_________________________________________________________________免费下载 MSN Explorer: http://explorer.msn.com/lccn
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: 0day: PDF pwns Windows, (continued)
- Re: 0day: PDF pwns Windows Gadi Evron (Sep 25)
- Re: 0day: PDF pwns Windows Jason (Sep 25)
- Re: 0day: PDF pwns Windows North, Quinn (Sep 25)
- Re: 0day: PDF pwns Windows Steven Adair (Sep 25)
- Re: 0day: PDF pwns Windows Gadi Evron (Sep 25)
- Re: 0day: PDF pwns Windows Iggy E (Sep 25)
- Re: 0day: PDF pwns Windows Geo. (Sep 21)
- Re: 0day: PDF pwns Windows silky (Sep 22)
- Re: 0day: PDF pwns Windows Eduardo Tongson (Sep 22)
- Re: 0day: PDF pwns Windows cocoruder . (Sep 25)
- Re: 0day: PDF pwns Windows h4h (Sep 21)
- Re: 0day: PDF pwns Windows Tremaine Lea (Sep 21)
- Re: 0day: PDF pwns Windows Gadi Evron (Sep 20)
- Re: 0day: PDF pwns Windows pdp (architect) (Sep 21)