Re: 0day: PDF pwns Windows
None of them are related to this vulnerability. As far as I know, the
issue is brand new.
On 9/21/07, Antivirus Taneja <taneja.security@xxxxxxxxx> wrote:
> Hi,
>
> Too interesting and dangerous....Last couple of months there were PDF
> spamming (Stocks Information) all over the internet..I analyzed those PDF i
> didn't find any such thing....Did you checked them? Are they related to any
> vulnerability?
>
> Regards,
> Taneja Vikas
> http://annysoft.wordpress.com
>
>
>
> On 9/20/07, pdp (architect) <pdp.gnucitizen@xxxxxxxxxxxxxx> wrote:
> > > My upcoming research feature everything regarding this and the issue you
> > > have
> > > already discussed.
> >
> > really :).. which one... the one from last year?
> >
> > On 9/20/07, Aditya K Sood <zeroknock@xxxxxxxxxxxx> wrote:
> > > pdp (architect) wrote:
> > > > http://www.gnucitizen.org/blog/0day-pdf-pwns-windows
> > > >
> > > > I am closing the season with the following HIGH Risk vulnerability:
> > > > Adobe Acrobat/Reader PDF documents can be used to compromise your
> > > > Windows box. Completely!!! Invisibly and unwillingly!!! All it takes
> > > > is to open a PDF document or stumble across a page which embeds one.
> > > >
> > > > The issue is quite critical given the fact that PDF documents are in
> > > > the core of today's modern business. This and the fact that it may
> > > > take a while for Adobe to fix their closed source product, are the
> > > > reasons why I am not going to publish any POCs. You have to take my
> > > > word for it. The POCs will be released when an update is available.
> > > >
> > > > Adobe's representatives can contact me from the usual place. My advise
> > > > for you is not to open any PDF files (locally or remotely). Other PDF
> > > > viewers might be vulnerable too. The issues was verified on Windows XP
> > > > SP2 with the latest Adobe Reader 8.1, although previous versions and
> > > > other setups are also affected.
> > > >
> > > > A formal summary and conclusion of the GNUCITIZEN bug hunt to be
> expected soon.
> > > >
> > > > cheers
> > > >
> > > >
> > > Hi
> > >
> > > Your point is right. But there are a number of factors other
> > > than this
> > > in exploiting pdf in other sense. My latest research is working over
> the
> > > exploitation of PDF.
> > >
> > > Even if you look at the core then there are no restriction on READ in
> PDF
> > > in most of the versions. Only outbound data is filtered to some extent.
> you
> > > can even read /etc/passwd file from inside of PDF.
> > >
> > > Other infection vector includes infection through Local Area Networks
> > > through
> > > sharing and printing PDF docs and all.
> > >
> > > My upcoming research feature everything regarding this and the issue you
> > > have
> > > already discussed.
> > >
> > > Regards
> > > Aks
> > > http://ww.secniche.org
> > >
> > >
> > >
> >
> >
> > --
> > pdp (architect) | petko d. petkov
> > http://www.gnucitizen.org
> >
>
>
--
pdp (architect) | petko d. petkov
http://www.gnucitizen.org