Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos network security services platform







Full Disclosure: Re: 0day: PDF pwns Windows

Re: 0day: PDF pwns Windows

From: pdp (architect) <pdp.gnucitizen_at_googlemail.com>
Date: Thu, 20 Sep 2007 17:28:35 +0100

> My upcoming research feature everything regarding this and the issue you
> have
> already discussed.

really :).. which one... the one from last year?

On 9/20/07, Aditya K Sood <zeroknock_at_secniche.org> wrote:
> pdp (architect) wrote:
> > http://www.gnucitizen.org/blog/0day-pdf-pwns-windows
> >
> > I am closing the season with the following HIGH Risk vulnerability:
> > Adobe Acrobat/Reader PDF documents can be used to compromise your
> > Windows box. Completely!!! Invisibly and unwillingly!!! All it takes
> > is to open a PDF document or stumble across a page which embeds one.
> >
> > The issue is quite critical given the fact that PDF documents are in
> > the core of today's modern business. This and the fact that it may
> > take a while for Adobe to fix their closed source product, are the
> > reasons why I am not going to publish any POCs. You have to take my
> > word for it. The POCs will be released when an update is available.
> >
> > Adobe's representatives can contact me from the usual place. My advise
> > for you is not to open any PDF files (locally or remotely). Other PDF
> > viewers might be vulnerable too. The issues was verified on Windows XP
> > SP2 with the latest Adobe Reader 8.1, although previous versions and
> > other setups are also affected.
> >
> > A formal summary and conclusion of the GNUCITIZEN bug hunt to be expected soon.
> >
> > cheers
> >
> >
> Hi
>
> Your point is right. But there are a number of factors other
> than this
> in exploiting pdf in other sense. My latest research is working over the
> exploitation of PDF.
>
> Even if you look at the core then there are no restriction on READ in PDF
> in most of the versions. Only outbound data is filtered to some extent. you
> can even read /etc/passwd file from inside of PDF.
>
> Other infection vector includes infection through Local Area Networks
> through
> sharing and printing PDF docs and all.
>
> My upcoming research feature everything regarding this and the issue you
> have
> already discussed.
>
> Regards
> Aks
> http://ww.secniche.org
>
>
> 

-- 
pdp (architect) | petko d. petkov
http://www.gnucitizen.org
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Received on Sep 20 2007
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]