Re: Vulnerability (critical): Digital signature for Adobe Acrobat/Reader plug-in can be forged

[Melvyn Sopacua <msopacua () idg nl>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

At 13:02 3/24/2003, Vladimir Katalov wrote:


>   However, the implementation of certification mechanism is weak, and
>   it is
>   easy to write a plug-in that will look like one certified by Adobe,
>   and so
>   will be loaded even in 'trusted' mode. Such plug-in can execute ANY
>   code
>   -- i.e. perform file operations (read/write/execute), access Windows
>   Registry etc.

[ ... ]

>   3. 'Trusted' mode is activated automatically by Adobe Acrobat/Reader
>   when it loads documents that are protected using various DRM
>   (Digital
>   Rights Management) schemes such as WebBuy, InterTrust DocBox etc --
>   to
>   prevent protected contect from being saved with protection stripped.
>   However, a plug-in with 'fake' certificate can be loaded anyway, and
>   so it will be able to do anything with DRM-protected documents, e.g.
>   altering or removing security options.

Q: how is the chicken and egg problem circumvented here? Social
Engineering?
Or is there a similar mechaniscm like HTML Object tags, where plugin
urls are
embedded in the document and (semi-) automically installed?

Met vriendelijke groeten / With kind regards,

Webmaster IDG.nl
Melvyn Sopacua

<@JE> Hosting: $5 per month. Domain name: $15, your site being down
twice a week: Priceless.
http://www.bash.org/?42663

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (MingW32)

iD8DBQE+fzkHG6UQjZVtCO8RAmu8AJ0ddu32EV/rxC6sfwji4xqs/X/bhgCfeVNM
02vJtNDK5QG1GgiZ2Yb9azY=
=Rq8n
-----END PGP SIGNATURE-----