PDF exploit

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View

http://www.cbc.ca/technology/story/2007/01/04/tech-pdf.html

Comments?

--

    Boris Mohar  

 

Re: PDF exploit


|
| http://www.cbc.ca/technology/story/2007/01/04/tech-pdf.html
|
| Comments?
|

PDF XSS vulnerability

http://www.ciac.org/ciac/bulletins/r-096.shtml

http://isc.sans.org/diary.php?storyid=1999

--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm



Re: PDF exploit

David H. Lipman wrote:

Quoted text here. Click to load it

I read this as an *Adobe* exploit/bug, not PDF. Says "fixed in Adobe 8".
Are other PDF readers vulnerable?  Is one vulnerable if there is no PDF
reader?

--
   -bts
   -Motorcycles defy gravity; cars just suck

Re: PDF exploit

on 04 Jan 2007, something possessed Beauregard T. Shagnasty to write:

Quoted text here. Click to load it
I don't know about other PDF viewers, but my guess is that some may be
vulnerable in this way and some may not be.

In answer to your second question, if you don't have a PDF reader, than
there's no vulnerable PDF-reader to exploit, so you're in the clear with
vulnerabilities of this nature.

Regards,

Will

Re: PDF exploit


Beauregard T. Shagnasty wrote:

Quoted text here. Click to load it
I have Adobe 8 on a W2K machine.   It is vulnerable, at least on that
machine.   Will try it on some XP boxes next.


Re: PDF exploit

Duh_OZ wrote:
Quoted text here. Click to load it
===========
Oops, cleared my cache, temp files, yaday, yada, yada and now get "not
allowed" while trying the links with the javascript alerts appended on.

Here's a condensed test link: http://tinyurl.com/y4anpl
Vulnerable will have an alert '123' pop up.


Re: PDF exploit

Duh_OZ wrote:

Quoted text here. Click to load it

No problem with that page for me, using Win2K, Firefox and FoxItReader.

--
   -bts
   -Motorcycles defy gravity; cars just suck

Re: PDF exploit

Beauregard T. Shagnasty wrote:
Quoted text here. Click to load it
I did have a problem running foxit with Adobe 7 installed. I'm a bit
confused, most of the time when I clicked on a web .pdf link, I thought
it used foxit. Anyway, I was getting the exploit. I removed Adobe
completely, now I no longer get the exploit after a one time dialog box
asking me for application to use, which causes me to think maybe I'm not
remembering previous action correctly. Also, I now see the download box
which I didn't see before. Actually I prefer that, at least I know why
I'm waiting. So to cut a long story short, no problem with winxp sp2 and
foxit 2.0
Dave Cohen
Dave Cohen

Re: PDF exploit


Quoted text here. Click to load it

I tried the above link on an XP with version 6 Acrobat that has not
been updated for a couple of years. I did not get a pop up. Either the
test is unreliable or version 6 does not have the problem.

Re: PDF exploit


Ike wrote:
Quoted text here. Click to load it
============
I just tried it on an NT 4 box using ver 5.1 and an XP box, using ver
6.0.   Neither even brought up the PDF file, much alone the alert box.
  If I did file->open(from within IE) and pasted in the link. Both the
alert and PDF document came up.   Go figure.

Currently I unchecked the PDF extesion in FF so it now asks what I want
to do with the PDF file.      Opening it by itself causes no problems,
this on the W2K, having ver 8.0.     Too lazy to try and fiddle with
the IE on the NT or XP box in order to have Adobe opened separatly.


Re: PDF exploit

On Thu, 04 Jan 2007 20:50:27 -0500 Boris Mohar wrote:

Quoted text here. Click to load it
http://www.foxitsoftware.com/pdf/rd_intro.php
--
Ernie B.

Communication:  The art of moving an idea from one mind to another, hopefully
without distortion.

Site Timeline